AWS setup~10 min
Connect AWS in 3 simple steps
You will create a permission policy, run the IAM “create role” wizard (trust policy, attach that policy, name the role), then paste your role ARN here. No AWS expert knowledge required—just follow the steps in order.
Want the same flow with AWS Console screenshots? See the detailed screenshot guide.
First, create a permission policy. It tells AWS which actions are allowed for this app—things like listing buckets, uploading files, and fixing browser upload settings (CORS).
- Open the AWS console and go to IAM → Policies.
- Click Create policy.
- Open the JSON tab.
- Delete any sample text, then paste the policy below.
- Click Next. On the review screen, enter a policy name. A good default is below—click it to copy; you will paste or type the same name when searching for the policy in Step 2. A toast will say Copied when it works.(You can use a different name—just use it consistently.)Then click Create policy.
You will attach this policy when you create the role in Step 2—remember the name you chose.
Permission policy JSON (paste in IAM)
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "BucketListAndCreate",
"Effect": "Allow",
"Action": ["s3:ListAllMyBuckets", "s3:CreateBucket"],
"Resource": "*"
},
{
"Sid": "BucketConfigAndCors",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:GetBucketCors",
"s3:PutBucketCors",
"s3:GetBucketPublicAccessBlock",
"s3:PutBucketPublicAccessBlock"
],
"Resource": "arn:aws:s3:::*"
},
{
"Sid": "ObjectReadWriteDelete",
"Effect": "Allow",
"Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
"Resource": "arn:aws:s3:::*/*"
}
]
}What's next?
Sign in when you are ready to verify your role in Step 3. Until then, you can still build the policy and role in AWS using Steps 1–2.
Having trouble?
Short answers to common setup problems.