Adding a S3 Bucket

This guide will walk you through the process of granting our application secure, read-only access to your Amazon S3 bucket.

Prerequisites

• An AWS account with administrator permissions (to create IAM users and policies).
• The name of the S3 bucket you want to connect to.

Step 1: Create an IAM User and Access Key in AWS

For security reasons, we recommend creating a dedicated user with limited permissions instead of using your root AWS account credentials.

1.1 Create a New IAM PolicyFirst, we'll create a custom policy that grants read-only access to only the specific bucket you want to connect.

1. Go to the IAM Console → Policies → Create policy.
2. Click the JSON tab and paste the following policy. Replace YOUR_BUCKET_NAME with the actual name of your bucket.
   

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:Get*",
                "s3:List*",
                "s3:Describe*",
                "s3-object-lambda:Get*",
                "s3-object-lambda:List*"
            ],
            "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
        }
    ]
}

1. Click Next, give your policy a descriptive name (e.g., ReadOnlyAccessTo-MyKnowledgeBaseBucket), and then Create policy.

‍1.2 Create a New IAM User

1. Go to the IAM Console → Users → Create user.
2. Enter a descriptive User name (e.g., knowledge-base-s3-reader).
3. Do not check the "Provide user access..." box. We will attach the policy directly.
4. Click Next.

1.3 Attach the Permissions Policy

1. Under Set permissions, select Attach policies directly.
2. In the permissions list, search for and select the custom policy you created in step 1.1.
3. (Optional but recommended) Also search for and select the managed policy AmazonS3ReadOnlyAccess. This is a backup for general listing, but your custom policy will enforce the bucket-specific restriction.
4. Click Next, review the user details, and click Create user.

1.4 Generate Access Keys

1. Click on the newly created user name to go to its summary page.
2. Go to the Security credentials tab.
3. Scroll to the Access keys section and click Create access key.
4. Select Third-party service and check the confirmation box.
5. Click Create access key.
6. CRITICAL: Copy the Access Key ID and Secret Access Key and store them in a secure place (e.g., a password manager). The Secret Access Key will be shown only once and cannot be recovered later.

Step 2: Add the S3 Bucket as a Data Source

Now, configure the connection within the knowledge base application.

1. From your knowledge base, navigate to “Upload & Index” → “Data Sources”.
2. Click “+ Add Data Source”.
3. Choose the Amazon S3 icon.

Step 3: Configuration

3.1 Name Your Data SourceAssign a meaningful name to help you identify this connection later (e.g., "Marketing Docs S3 Bucket").

3.2 Provide AWS Credentials & Bucket Details

1. Access Key ID: Paste the Access Key ID you generated in Step 1.4.
2. Secret Access Key: Paste the Secret Access Key you saved.
3. Bucket Name:
   • Go to your Amazon S3 console.
   • In the Bucket name column, find and copy your bucket's name.
4. S3 Region:
   • In the same S3 console, look at the Region column for your bucket.
   • Copy only the region code (e.g., us-east-1, ap-southeast-1). Do not copy the full name.

3.3 Finalize Connection
‍Click Connect or Save to establish the connection. The application will test the credentials and access to the bucket. If successful, it will begin indexing your files.

‍