Amazon S3 configuration
Amazon S3 configuration requires the following details, which are set in the AWS console:
- Bucket Name: The unique name of the bucket you’ve created in Amazon S3.
- Role ARN: The ARN resource. Instructions on creating and finding this number are detailed below.
- External ID: The External ID of the role. Instructions on creating this ID are detailed below.
- Region: The region of the bucket (for example,
us-east-2) - Configuration File Path: The path within the S3 bucket that your configuration file will be uploaded to. Do not include the file name in this path.
To set the External ID and retrieve the Role ARN, you will need to create an IAM role.
- Go to IAM in the AWS Console.
- Under Access Management, go to Roles.
- Click Create Role.
- For Trusted entity type, select AWS account.
- Under An AWS account, select Another AWS account, and enter the Account ID under the Role ARN field in the Maverics UI.
- Check the box marked Require external ID, and enter an alphanumeric string of your choice. This is the same ID that you will use when configuring S3 in Maverics.
- Click Next.
- On the Add permissions page, click Create policy.
- On the Specify permissions page, click JSON to go to the JSON editor.
- Copy the code block below and paste it into the editor, replacing the
<bucket name>fields with the bucket name you’ve created:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Policy",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::<bucket's name>",
"arn:aws:s3:::<bucket's name>/*"
]
}
]
}- Click Next.
- Give the role a name and description and click Create Role.
- When you’re redirected to the Roles page, click the role you’ve just created.
- On the Role page, the ARN can be found in the center column. Copy the entire ARN string and paste it into the Role ARN field in the environment configuration page of Maverics.