The following step-by-step instructions describe how to configure access permissions for VisualLayer in your AWS Management Console so that you can use an S3 bucket to load and unload data:
Log into the AWS Management Console
From the home dashboard, search for and select IAM
From the left-hand navigation pane, select Account settings
From the left-hand navigation pane, select Policies
Select Create Policy
For Policy editor, select JSON
Add a policy document that will allow VisualLayer to access the S3 bucket. Copy and paste the text into the policy editor:
🚧 Make sure to replace <bucket> with your actual bucket name
To configure access permissions for VisualLayer in the AWS Management Console, do the following:
From the left-hand navigation pane in the Identity and Access Management (IAM) Dashboard, select Roles
Select Create role
Select AWS account as the trusted entity type
In the Account ID field, enter your own AWS account ID temporarily. Later, you modify the trust relationship and grant access to VisualLayer
Select the Require external ID option. An external ID is used to grant access to your AWS resources (such as S3 buckets) to a third party like VisualLayer. Enter a placeholder ID such as 0000
In a later step, you will modify the trust relationship for your IAM role and specify the external ID for your storage integration and click Next
Select the policy you created in Step 1 and click Next
Enter a name and description for the role, then select Create role. You have now created an IAM policy for a bucket, created an IAM role, and attached the policy to the role
On the role summary page, locate and record the Role ARN value, you will be asked to send it to us in step 4
Step 3: Grant the IAM User Permissions to Access Bucket Objects
The following step-by-step instructions describe how to configure IAM access permissions for VisualLayer in your AWS Management Console so that you can use a S3 bucket:
Log in to the AWS Management Console
Select IAM
From the left-hand navigation pane, select Roles
Select the role you created in Step 2
Select the Trust Relationships tab
Select Edit Trust Policy and insert the following: