
Creating an IAM User:

Sign in to the AWS Management Console:

Go to the AWS Management Console at https://console.aws.amazon.com/ and sign in with your credentials.

Access IAM Service:

Once logged in, navigate to the IAM service by either searching for "IAM" in the AWS services search bar or
locating it under "Security, Identity, & Compliance" in the main console.

Create a New User:

Inside IAM, go to "Users" from the left-hand sidebar and click on "Add user."

Provide a username for the new IAM user.

Set Access Type:

Select the access type for the user:

Programmatic access: This will generate access keys (access key ID and secret access key) for API, CLI, SDK, or
other development purposes.

AWS Management Console access: This grants access to the AWS Management Console for user interaction.

Assign Permissions:

Choose "Attach existing policies directly."

Search and select the policy that grants S3 access:

For S3 access, you can attach the predefined "AmazonS3FullAccess" policy, which allows every S3 action on every
bucket in the account, or create a custom policy with only the specific S3 permissions the user needs.

Review and Create User:

Review the user details and assigned permissions.

Click "Create user."

Access Key and Secret Key:

Once the user is created, you'll see a success message.


Save the Access key ID and Secret access key. These are crucial for programmatic access to AWS services.

Granting S3 Permission:

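The previously attached policy (e.g., "AmazonS3FullAccess") or custom policy should contain necessary
permissions for S3 access. For a custom policy granting S3 permissions, here's an example of how it might look:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListAllMyBuckets",
            "s3:GetBucketLocation"
          ],
          "Resource": "*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:PutObject",
            "s3:GetObject",
            "s3:ListBucket"
          ],
          "Resource": [
            "arn:aws:s3:::examplebucket",
            "arn:aws:s3:::examplebucket/*"
          ]
        }
      ]
    }

The second statement lists both ARNs because "s3:ListBucket" applies to the bucket itself
(arn:aws:s3:::examplebucket), while "s3:PutObject" and "s3:GetObject" apply to the objects inside it
(arn:aws:s3:::examplebucket/*).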

Create an S3 Bucket:

Access S3 Service:

From the AWS services, find and select "S3" under "Storage."

Click on "Create bucket."

Configure Bucket:

Provide a unique bucket name.

Choose the AWS Region where you want the bucket to reside.

Click "Next."

Set Properties:

Set properties like versioning, server access logging, encryption, etc., according to your requirements.

Click "Next."

Set Permissions:

Here, we'll configure CORS and later add a Bucket Policy.

For CORS, select the "Edit" button in the "Cross-origin resource sharing (CORS)" section.

Configure CORS:

Add CORS Configuration:

Enter the CORS configuration. Here's an example:

    [
      {
        "AllowedHeaders": ["*"],
        "AllowedMethods": ["GET", "PUT", "POST", "DELETE", "HEAD"],
        "AllowedOrigins": ["*"],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
      }
    ]

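This allows web pages from all origins (*) to make cross-origin requests to the S3 bucket with the specified HTTP
methods. Modify it as per your requirements, for example by listing only your own site's origins in
"AllowedOrigins" and only the methods your application uses in "AllowedMethods".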

Click "Save" to apply the CORS configuration.

Set Bucket Policy:

Navigate to Bucket Policy:

From the bucket overview page, select the "Permissions" tab.

Click on "Bucket Policy."

Add Bucket Policy:

Enter or paste a JSON bucket policy. Here's a basic example allowing GetObject for all objects in the bucket to
everyone:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "PublicReadGetObject",
          "Effect": "Allow",
          "Principal": "*",
          "Action": "s3:GetObject",
          "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
      ]
    }

Replace your-bucket-name with your actual bucket name.

Click "Save" to apply the bucket policy.
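
A review check for the CORS rule and bucket policy shown above, as an added example that is not part of the original page: it flags wildcard origins combined with write methods, and unconditioned Allow statements open to everyone. The function names are hypothetical, and the two JSON documents are constructed copies of the page's examples.

```python
import json

# Added example: helper names are hypothetical; the inputs are constructed
# copies of this page's example CORS rule and bucket policy.
CORS_RULES = json.loads("""[{
  "AllowedHeaders": ["*"], "ExposeHeaders": [], "MaxAgeSeconds": 3000,
  "AllowedMethods": ["GET", "PUT", "POST", "DELETE", "HEAD"],
  "AllowedOrigins": ["*"]
}]""")
BUCKET_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::your-bucket-name/*"
}]}""")
WRITE_METHODS = {"PUT", "POST", "DELETE"}

def as_list(value):
    """Policy JSON lets most fields be a single string or a list of strings."""
    return value if isinstance(value, list) else [value]

def is_public(principal):
    """True for "*" and for mappings such as {"AWS": "*"} or {"AWS": ["*"]}."""
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return principal == "*"

def audit_cors(rules):
    """Flag rules that let scripts from any origin send state-changing requests."""
    findings = []
    for i, rule in enumerate(rules):
        risky = sorted(WRITE_METHODS & set(rule.get("AllowedMethods", [])))
        if "*" in rule.get("AllowedOrigins", []) and risky:
            findings.append(f"CORS rule {i}: any origin may use {', '.join(risky)}")
    return findings

def audit_bucket_policy(policy):
    """Flag Allow statements with no Condition whose principal is everyone."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and is_public(stmt.get("Principal"))
                and not stmt.get("Condition")):
            actions = ", ".join(as_list(stmt.get("Action", [])))
            findings.append(f"{stmt.get('Sid', '<no Sid>')}: public {actions}")
    return findings

if __name__ == "__main__":
    for line in audit_cors(CORS_RULES) + audit_bucket_policy(BUCKET_POLICY):
        print("REVIEW:", line)
```

Each finding is a prompt to confirm the exposure is intended; a bucket that serves a public website will legitimately trigger the second check.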

You are done.
