# AWS S3 ### Set up Aamazon S3 #### Create IAM User First we advice to create a dedicated user for API access. Please read more in [Creating an IAM User in Your AWS Account](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html#id_users_create_console). During cretion assign "Programmatic access" to this user. On the last screen copy *Access key ID* and *Secret access key*. These will be used later for plugin configuration. You can also download these credentials. #### Create a bucket Proceed to S3 service and click "Create". The wizard will open. One the first step set you bucket name

One the first step set you bucket name (for example, *ncuploads*) and select your region.

One the second step you can configure different options or simply skip it

One the third step you must uncheck "Block all public access", otherwise API will not have access to your bucket.

One the last step review your settings and click on "Create bucket". The bucket will be created and you will see it in the list. #### Set up public access policy

To enable public access for your bucket you should set a special policy rule. Proceed to your bucket > *Permissions* > *Bucket Policy* and paste the following rule: { "Version": "2012-10-17", "Statement": \[ { "Sid": "AllowPublic", "Effect": "Allow", "Principal": { "AWS": "\*" }, "Action":\[ "s3:PutObject", "s3:PutObjectAcl", "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource": "arn:aws:s3:::ncuploads/\*" } ] } Of course you should change *ncuploads* to your actual bucket name. ### Plugin Configuration When S3 bucket is created we are ready to configure the plugin.

1. Install Aamazon S3 storage plugin 2. Proceed to configuration 3. Set the parameters: * Access key ID - your access key ID; * Secret access key - the key associated with access key; * Bucket - the name of the bucket; * Prefix (folder) - if you created a folder inside your bucket then set the name of it here; * Region - your region * Storage Class - select from "Standard" or "Reduced Redundancy"