As noted in the comments, this attack requires an attacker-controlled user account that can assume a role whose attached policy includes the s3:GetObject and s3:ListBucket actions.
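
An added example, not from the original page: a Python check a defender can run over IAM policy JSON to find policies that satisfy this precondition. The sample policies and the bucket name are constructed, and the check assumes that only Allow statements matter (Deny statements, conditions and NotAction are not evaluated), so it over-reports.

```python
import fnmatch

# The two actions the page names as the attack's precondition.
REQUIRED_ACTIONS = ("s3:GetObject", "s3:ListBucket")

# Constructed sample policies (bucket name is a placeholder).
SAMPLE_BROAD = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:Get*", "s3:listbucket"],
        "Resource": ["arn:aws:s3:::example-bucket",
                     "arn:aws:s3:::example-bucket/*"],
    }],
}
SAMPLE_OBJECT_ONLY = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": "s3:GetObject",
                  "Resource": "arn:aws:s3:::example-bucket/*"},
}

def _as_list(value):
    """IAM accepts a single value or a list for Statement/Action/Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def allowed_resources(policy, action):
    """Return Resource patterns of Allow statements whose Action matches."""
    resources = []
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        patterns = [p.lower() for p in _as_list(stmt.get("Action"))]
        # IAM action names are case-insensitive and accept * and ? wildcards.
        if any(fnmatch.fnmatchcase(action.lower(), p) for p in patterns):
            resources.extend(_as_list(stmt.get("Resource")))
    return resources

def grants_precondition(policy):
    """Map each required action to the resources it is allowed on."""
    return {a: allowed_resources(policy, a) for a in REQUIRED_ACTIONS}

def meets_precondition(policy):
    """True when the policy allows both actions on at least one resource."""
    return all(grants_precondition(policy).values())
```

A policy flagged here still needs its Resource patterns, Deny statements and the role's trust policy reviewed before concluding that the role is exposed.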