Knowledge Center
Get familiar with Applivery and explore the features

Custom storage regions

Please note that these features are only available under certain Organization Plans.
Take a look to the pricing page to read more.

Customers can now manage their own storage regions in AWS S3. This tutorial will help you properly configure your custom storage region in AWS.

Step 1 - Bucket creation

Login in your Amazon Web Services console with your credentials. Once inside go to the Storage > S3 section and click the “Create bucket” orange button.

Fill out your bucket information (Bucket name and Region).

Then scroll down until the “Block Public Access settings for bucket” section and juse select the following two options:

  • Block public access to buckets and objects granted through new public bucket or access point policies
  • Block public and cross-account access to buckets and objects through any public bucket or access point policies
  • I acknowledge that the current settings might result in this bucket and the objects within becoming public.

Scroll down and click the “Create bucket” orangen button.

Step 2 - Credentials

Now we recommend to create a new AWS User and credentials. Go to AWS IAM > Users section and create the “Add user” button. Select a user name and choose the “Programmatic access” option under the access type section.

Click Next, and follow the steps 2, 3 and 4 without changing anything, maintaining the default options and finish by clicking “Create user” button. The user credentials will be displayed, copy and store them securely. You will have to provide them to our team.

Step 3 - Grant permissions

Now we have to grant some additional permissions to the new user. For this example we will use the Inline AWS policies but as an alternative you can create a new policy and attach it to the user.

Click on the new user and click “Add inline policy” under the Permissions tab. Use the “{} JSON” editor and enter the following AWS Policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::mycustom-private-bucket",
                "arn:aws:s3:::mycustom-private-bucket/*"
            ]
        },
        {
            "Effect": "Deny",
            "Action": [
                "s3:CreateBucket",
                "s3:DeleteBucket"
            ],
            "Resource": [
                "arn:aws:s3:::mycustom-private-bucket",
                "arn:aws:s3:::mycustom-private-bucket/*"
            ]
        }
    ]
}

Note that you have to substitute the arn:aws:s3:::mycustom-private-bucket with the  ARN of the bucket you created in the previous step.