You can restrict bucket access by setting it to a specific IAM role.

To set your bucket for a specific IAM role, follow the configuration steps below.

  1. Create a new IAM user, if required.
    Note: the IAM user can also be from a service account.
  2. Create an IAM Role(opens external page) if you do not already have one.
  3. Associate the IAM user with IAM Role.
  4. Create the bucket policy. The policy sets read/write access at the S3 bucket level.
  5. Associate the IAM Role with bucket policy.
    Note: this corresponds to the Role ARN step in Edit a connection.
  6. Generate keys for the IAM user, not the root level. You need both an access key ID(opens external page) and a secret access key.
  7. As shown in the screenshot below, enter the:
    •  Access key ID
    • Secret access key and
    • Role ARN for the IAM user when you create a new connection. 
Connect to a service.


We update Anapedia regularly to provide the most up-to-date instructions.