How to setup S3 with ARN
Create an S3 bucket
a. Go to AWS, S3 service,
b. Create bucket, region doesn’t matter, but should be consistent across all parts of role/policy/bucket.
c. Select Block all public access, disable Bucket Versioning, no Tags, disable Default Encryption.
d. Create Bucket.
2. Create a policy
a. Go to AWS, IAM service, Policies
b. Click on Create policy
c. Choose Service S3
d. Include 3 actions:
List, ListBucket
Write, DeleteObject
Write, PutObject
e. Resources:
Bucket
Click on Add ARN for the bucket and add the bucket name.
Object
Click on Add ARN for the object, to Specify ARN for object, add bucket name, appending /*
3. Create a Role
a. Go to AWS, IAM service, Roles
b. Click on Create role
c. Type of trusted entity = Another AWS account. Enter account number, e.g. IDT Bluvision Root.
d. Select the new policy via checkbox, no tags, give name, create role