Which permissions are required for an S3 bucket?

Background

If you are using S3 as your storage option, you will need to provide the credentials for an IAM user with permissions on the bucket to be used.

Answer

The decisive parts of the policy are the following:

"Statement": [
        {
            ...
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": "*"
        }
    ]

→ to list the buckets available in your account

"Statement": [
        {
            ...
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::<your bucket name>",
                "arn:aws:s3:::<your bucket name>/*"
            ]
        }
    ]

→ to upload videos and metadata to the selected S3 bucket.

If you don’t want to use an existing bucket but create a new one within the Confluence configuration, your user will also need the permission to create a bucket (“s3:CreateBucket”).