You've just signed up for our Figma Backup tool and now you want to configure a custom S3 bucket to store your files to? In order to secure your data it's always advised to create the least possible privilege IAM policy for your S3 bucket.

This is good practice generally speaking. See also here: https://aws.amazon.com/blogs/security/techniques-for-writing-least-privilege-iam-policies/

Here's the least privilege IAM policy as a YAML config (please make sure to replace BUCKET_NAME with your buckets name):

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObjectVersion",
"s3:ListBucketVersions",
"s3:ListBucket",
"s3:DeleteObject",
"s3:PutBucketVersioning",
"s3:GetObjectVersion"
],
"Resource": [
"arn:aws:s3:::BUCKET_NAME/*",
"arn:aws:s3:::BUCKET_NAME"
]
}
]
}

In order to configure a custom IAM simply log into your AWS dashboard, then navigate to the IAM admin section, then click on "Policies".

Then click on "Create Policy" to create your custom IAM policy:

The visual editor will show up, now click on "JSON" to enter the YAML config presented above.

Afterwards simply apply that YAML config to a API user and you should be good to go.

Insert the AWS credentials in the settings page of the backup tool and future backups will automatically stored to your custom S3 bucket.

Did this answer your question?