Professional Documents
Culture Documents
AWS S3 Configuration Steps
AWS S3 Configuration Steps
Go to the AWS Management Console at https://console.aws.amazon.com/ and sign in with your credentials.
Once logged in, navigate to the IAM service by either searching for "IAM" in the AWS services search bar or
locating it under "Security, Identity, & Compliance" in the main console.
Inside IAM, go to "Users" from the left-hand sidebar and click on "Add user."
Programmatic access: This will generate access keys (access key ID and secret access key) for API, CLI, SDK, or
other development purposes.
AWS Management Console access: This grants access to the AWS Management Console for user interaction.
Assign Permissions:
For S3 access, you can attach the predefined policy like "AmazonS3FullAccess" or create a custom policy with
specific S3 permissions.
Granting S3 Permission:
The previously attached policy (e.g., "AmazonS3FullAccess") or custom policy should contain necessary
permissions for S3 access. For a custom policy granting S3 permissions, here's an example of how it might look:
json
Copy code
"Version": "2012-10-17",
"Statement": [
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Resource": "*"
},
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::examplebucket/*"
]
Create an S3 Bucket:
Access S3 Service:
From the AWS services, find and select "S3" under "Storage."
Configure Bucket:
Choose the AWS Region where you want the bucket to reside.
Click "Next."
Set Properties:
Set properties like versioning, server access logging, encryption, etc., according to your requirements.
Click "Next."
Set Permissions:
For CORS, select the "Edit" button in the "Cross-origin resource sharing (CORS)" section.
Configure CORS:
json
Copy code
"AllowedHeaders": ["*"],
"AllowedOrigins": ["*"],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
This allows all origins (*) to access the S3 bucket with specified HTTP methods. Modify it as per your
requirements.
Enter or paste a JSON bucket policy. Here's a basic example allowing GetObject for all objects in the bucket to
everyone:
json
Copy code
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your-bucket-name/*"