Set up an AWS Transfer Family web app

1. Open HAQM S3 Access Grants console, and choose Create S3 Access Grants instance.

2. Select Add IAM Identity Center instance. For IAM Identity Center instance ARN, enter the InstanceARN you copied in Task 1 and choose Next.

3. By selecting on Next, a S3 Access Grants instance will be created in the background.

4. Select Cancel. (Note: This is for ease of Creating a new IAM Role).

1. Choose the Locations tab.

2. On the Register location page, do the following:

• For the Scope, select Browse and choose your bucket. 
  • Note that the scope begins with the string s3://.
• For the IAM role, choose Create new role. 
  • This role allows S3 Access Grants to access your specified location scope. 

3. Choose Register location to continue.

1. Choose Create Grant.

2. For Location, choose Browse locations, then choose the location that you registered in the Register a location section. Then select Choose path.
 

3. On the Path page, do the following:

• For Subprefix, enter * to indicate that the access grant applies to the entire bucket.
• For Permissions, select Read and Write.
• For Grantee type, select Directory identity from IAM Identity Center.
• For Directory identity type, select User.
• For IAM Identity Center user ID, enter the user ID you copied in Task 1.
  

4. Choose Create Grant.