How to create a user and bucket Amazon Web Services ( AWS )

In this blog you will learn how to create amazon bucket and user and get the Access key ID and Secret access key for uploading files..

Step-1: Create an account on console.aws.amazon.com

Step-2: Create user on console.aws.amazon.com
Once you have created the account Click on service > Security, Identity & Compliance > IAM

Now click on Users > Add User

Enter a new username and select Access types as ‘Programmatic access’ .Then click on Next Permission > Next review > Create User

Note down your Access key ID and Secret access key and click on close.

Now Click on the user created e.g. orionbuckets

Note down the ARN : e.g. arn:aws:iam::883235560421:user/orionbuckets.
Then click on Add inline policy

Click on JSON and add the below policy code:

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:PutObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::*"
]
}
]
}

Then click on Review Policy , give it a name and Create Policy . Then Click on Services( from the Navmenu ) > S3

Then click on Create bucket

Enter a unique bucket name , select Region and then click on Next .Then Create bucket

Then click on the newly created bucket and then click on Permissions > Bucket Policy

Then add the below policy code by replacing the Resource value to the arnvalue you see on top and Principle AWS to ARN you copied when you created the user e.g. arn:aws:iam::883235560421:user/orionbuckets, and then click save

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddCannedAcl",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::883235560421:user/orionfileuploads"
]
},
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": [
"arn:aws:s3:::onclick/*"
],
"Condition": {
"StringEquals": {
"s3:x-amz-acl": [
"public-read"
]
}
}
}
]
}

Now got CORS configuration and add this, then click save

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>

And its done!!

0

Leave a Reply