Getting Started with Data Share: S3
s3:PutObject
and optionally s3:PutObjectAcl
on the correct S3 path.
Attach this permissions policy to the role. It grants s3:PutObject
and related permissions, but only for a specific prefix in the bucket:
your-bucket-name
and specific/prefix/
with your actual bucket name and desired prefix.
their-company-data
uploads/your-team/
Information | Purpose |
---|---|
Role ARN | So Explo can assume the cross-account role |
Bucket name | Where the files go |
AWS Region | Which AWS Region the S3 bucket is in |
Prefix path | Folder Explo is allowed to write to |
Permissions (their side) | To write objects |
Optional: Bucket policy access | To avoid “Access Denied” errors |