Getting Started with Data Share: S3
us-east-1
as that is the default:
us-east-1
: arn:aws:iam::251497699814:root
eu-central-1
: arn:aws:iam::266735830005:root
ap-southeast-1
: arn:aws:iam::897722681642:root
us-gov-east
: arn:aws-us-gov:iam::184115685153:root
s3:PutObject
and optionally s3:PutObjectAcl
on the correct S3 path.
Attach this permissions policy to the role. It grants s3:PutObject
and related permissions, but only for a specific prefix in the bucket:
your-bucket-name
and specific/prefix/
with your actual bucket name and desired prefix.
their-company-data
uploads/your-team/
Information | Purpose |
---|---|
Role ARN | So Explo can assume the cross-account role |
Bucket name | Where the files go |
AWS Region | Which AWS Region the S3 bucket is in |
Prefix path | Folder Explo is allowed to write to |
Permissions (their side) | To write objects |
Optional: Bucket policy access | To avoid “Access Denied” errors |