How can I use my own Amazon AWS S3 bucket storage with Zight?

For customers on our Zight for Business and Team plans, you have the ability to use your own Custom AWS buckets to store your team's Zight Drops.

To set this up you need an S3 Bucket and a set of AWS keys with read/write permission for it. Below are instructions on how to configure this for Zight.

1. Create an S3 Bucket in your AWS account as described here.
   
   When creating the bucket, under the Object Ownership section select ACLs Enabled and turn off Block All Public Access as shown below:
2. Once the bucket is created, go to the bucket’s Permissions Section and click Edit on the CORS configuration.
   

   

   Json from the above image:

   [ 
     { 
       "AllowedHeaders": ["*"], 
       "AllowedMethods": ["GET", "HEAD", "POST", "PUT"], 
       "AllowedOrigins": ["*"], 
       "ExposeHeaders": ["etag"] 
     } 
   ]

    

3. This is the minimum CORS policy you need:
   

   
   If you are also using a custom domain, you may need to include an additional AllowedOrigin line in the json. For example:

           "AllowedOrigins": [
               "*",
   	    "my.custom.domain"
           ],
   	

   .

    

4. With the bucket created we need to generate API keys that can access the bucket. We will do this with AWS IAM.
   
   The first step is to create the policy. Navigate to the Policy section of the IAM site and click Create Policy:
   Json from the above image:
   

   { 
     "Version": "2012-10-17", 
     "Statement": [ 
       { 
         "Sid": "VisualEditor0", 
         "Effect": "Allow", 
         "Action": [ 
           "s3:PutObject", 
           "s3:GetObject", 
           "s3:ListBucket", 
           "s3:DeleteObject", 
           "s3:PutObjectAcl" 
         ], 
         "Resource": [ 
           "arn:aws:s3:::zight-demo-bucket/*", 
           "arn:aws:s3:::zight-demo-bucket" 
         ] 
       } 
     ] 
   }

   
   

   
   On the next screen give the policy a name and optional description then click Create Policy
   

    

5. With the policy created, go to the group section and click Create GroupNext, set the group name and click next step
   On the next screen, use the search to find your policy and select the checkbox next to it, and then click the Next Step button
   And create the group

    

6. Now we create a user and add them to this group. Go to the Users section and select Add User
   Now give the user a name and choose the programmatic access option and then click the Next: Permissions button
   Select your group from the list and click next
   Skip past the next screen by hitting Next
   Make sure everything looks right and then click Create User
   Download or copy your keys
   

    

7. Now with your bucket and keys created, we need to enter them in your Zight account.
   

   Go to Settings > Storage Resources > Hit Submit for S3 and enter in your details.
   
   
   

    

If you need further assistance or have additional questions, we’d be happy to help! Please contact our support team here.