Skip to main content

Enabling Amazon S3 Storage

Detailed steps required to enable Amazon S3 as a file storage location

Updated over a month ago

Step 1 - Create a role to allow access to external S3 bucket

Navigate to IAM:

Within IAM, navigate to "Roles" and select "Create Role":

Create the Role with the following details:

  1. Entity type is "AWS Account"

  2. "This Account" is ticked

  3. "Require External ID" is ticked

  4. Specify an External ID that Dcisive will use to connect

Click "Next" on the permissions screen without changing anything.

Within the "Name, review and create" screen, enter the "Role name" and "Description", then click "Create Role".

Ensure the role trusted entities is per the screenshot below, replacing the "sts:ExternalID" with the actual external ID created.

Sample JSON:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::767398120428:root"
            },
            "Action": "sts:AssumeRole",
            "Condition": {
                "StringEquals": {
                    "sts:ExternalId": "SPECIFY ID HERE"
                }
            }
        }
    ]
}

Confirm that the role has been created and click on the role.

Within the role click the "Add Permissions" button and select the "Create Inline Policy" option:

Within the "Create Policy" screen, select the "JSON" option:

Overwrite the policy editor JSON with the below, ensuring to replace the <bucket name> with the actual name of the bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::<bucket name>"
        },
        {,
            "Effect": "Allow",
            "Action": "s3:ListAllMyBuckets",
            "Resource": "arn:aws:s3:::<bucket name>"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::<bucket name>/*"
        }
    ]
}

Step 2 - Provide Role details to Dcisive

You will need to provide the following information within Dcisive:

  1. Role ARN

  2. External ID (set up in step 1)

  3. Region

Navigate to the role created in step 1 and copy the ARN

Within Dcisive, navigate to "Storage" within the "Settings" screen. Select "Add Storage"

Enter the storage details per the information captured earlier and click "Connect":

Verify that the connection input contains the green "Connected" indicator (contact Dcisive if connection cannot be established).

Specify the connection name and select the appropriate bucket. Click "Save".

Related Articles
Enabling Google Drive Storage
Enabling Azure Blob Storage
Enabling Salesforce Storage
Enabling Sharepoint Storage
Did this answer your question?