Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

  1. Create an S3 bucket

a. Go to AWS, S3 service,

b. Create bucket, region doesn’t matter, but should be consistent across all parts of role/policy/bucket.

c. Select Block all public access, disable Bucket Versioning, no Tags, disable Default Encryption.

d. Create Bucket.


2. Create a policy

a. Go to AWS, IAM service, Policies

b. Click on Create policy

c. Choose Service S3

d. Include 3 actions:

List, ListBucket

Write, DeleteObject

Write, PutObject

e. Resources:


Click on Add ARN for the bucket and add the bucket name.


Click on Add ARN for the object, to Specify ARN for object, add bucket name, appending /*


3. Create a Role

a. Go to AWS, IAM service, Roles

b. Click on Create role

c. Type of trusted entity = Another AWS account. Enter account number, e.g. IDT Bluvision Root.

d. Select the new policy via checkbox, no tags, give name, create role