Create an S3 bucket
a. Go to AWS, S3 service,
b. Create bucket, region doesn’t matter, but should be consistent across all parts of role/policy/bucket.
c. Select Block all public access, disable Bucket Versioning, no Tags, disable Default Encryption.
d. Create Bucket.
2. Create a policy
a. Go to AWS, IAM service, Policies
b. Click on Create policy
c. Choose Service S3
d. Include 3 actions:
List, ListBucket
Write, DeleteObject
Write, PutObject
e. Resources:
Bucket
Click on Add ARN for the bucket and add the bucket name.
Object
Click on Add ARN for the object, to Specify ARN for object, add bucket name, appending /*
3. Create a Role
a. Go to AWS, IAM service, Roles
b. Click on Create role
c. Type of trusted entity = Another AWS account. Enter account number, e.g. IDT Bluvision Root.
d. Select the new policy via checkbox, no tags, give name, create role