Link Search Menu Expand Document

Prepare Your AWS S3 Bucket

  1. From the S3 Administration console, choose Create Bucket.
  2. Make sure you:
    1. Block public access
    2. Disable Object Locking
  3. lakeFS requires permissions to interact with your bucket. Following is a minimal bucket policy. To add it, go to the Permissions tab, and paste it as :

      "Id": "Policy1590051531320",
      "Version": "2012-10-17",
      "Statement": [
          "Sid": "Stmt1590051522178",
          "Action": [
          "Effect": "Allow",
          "Resource": ["arn:aws:s3:::<BUCKET_NAME>", "arn:aws:s3:::<BUCKET_NAME_WITH_PATH_PREFIX>/*"],
          "Principal": {
            "AWS": ["arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE>"]

    Replace <ACCOUNT_ID>, <BUCKET_NAME> and <IAM_ROLE> with values relevant to your environment. IAM_ROLE should be the role assumed by your lakeFS installation.

    Alternatively, if you use an AWS user’s key-pair to authenticate lakeFS to AWS, change the policy’s Principal to be the user:

     "Principal": {
       "AWS": ["arn:aws:iam::<ACCOUNT_ID>:user/<IAM_USER>"]

You are now ready to create your first lakeFS repository.