Click here to close this tab and return to the app.

How to grant access to a specific Amazon S3 bucket

Use these instructions to give us full read/write/list access to a single Amazon S3 bucket in your Amazon Web Services (AWS) account.

  1. Sign into your Amazon AWS S3 Management Console
  2. Click the Create Bucket button.
  3. Enter a bucket name, like atensoftware.YOURDOMAIN.com
  4. Select the US Standard region. (Do not set up Logging.)
  5. Click the Create button.
  6. Go to the Amazon AWS IAM Management Console
  7. Click Users on the side-bar.
  8. Click the Create New Users button.
  9. Enter atensoftware in box 1.
  10. Check the box to Generate an access key for each user.
  11. Click the Create button.
  12. Click the Show User Security Credentials link and leave the browser window/tab open.
  13. Go to our Secure Login and Password Form in a new browser window/tab.
  14. Select NOT APPLICABLE as the Shopping Engine.
  15. Copy the Access Key ID and Secret Access Key from the Amazon IAM User Security Credentials to our Secure Login and Password form, placing them in the Login and Password boxes, respectively.
  16. Enter the bucket name, e.g. atensoftware.YOURDOMAIN.com, in the Additional Notes box.
  17. Click the Submit button.
  18. Return to the Amazon IAM tab where you created the IAM user and click the Close button twice.
  19. Click on Groups in the side-bar.
  20. Click the Create New Group button.
  21. Enter atensoftware_group as the Group Name, and click Next Step.
  22. On the Attach Policy page, simply click the Next Step button to skip the step.
  23. On the Review page, click the Create Group button.
  24. Click the atensoftware_group group.
  25. Click the Add Users to Group button.
  26. Select the atensoftware user and click Add Users
    (At this point, the user and group have been created, but no permissions have been assigned.)
  27. Expand the Inline Policies section and click the click here link to create an inline policy.
  28. Select Policy Generator and click the Select button.
  29. Enter the following details:
    Effect: Allow
    AWS Service: Amazon S3
    Actions: All Actions
    Amazon Resource Name (ARN):
        arn:aws:s3:::atensoftware.YOURDOMAIN.com/*
        (Replace the bold part of the ARN with the name of your bucket)
    Do not Add Conditions
  30. Click the Add Statement button.
  31. Click the Next Step button.
  32. Click the Apply Policy button.

If later you decide to revoke the permissions, simply delete the user and the group that you created.