AWS S3

In AWS Console, to create an IAM user that has only programmatic access (no Console login) attached with AmazonS3FullAccess permissions, with Access Key/Secret Key to go with Mapfs Pro.

Create the IAM user (programmatic-only)

• Sign in to the AWS Management Console with an account that can manage IAM.
• Open IAM → Users → "Create user".
• User name: choose a descriptive name (e.g., mapfs-developer).
• Access type: uncheck "AWS Management Console access" (we do not want Console login). Leave only "Programmatic access" (this is often implied by creating an access key later; if the UI shows a checkbox, ensure console access stays disabled).
• Click "Next".

Attach permissions

• On "Set permissions", choose "Attach policies directly".
• Search for and select AmazonS3FullAccess.
• Proceed to "Next" and then "Create user".

Generate access keys

• After the user is created, open the new user → "Security credentials" tab.
• Under "Access keys", choose "Create access key".
• When prompted for the use case, pick "Third-party service" (or the equivalent option). This skips console/CLI guidance and focuses on programmatic use.
• Confirm and create. Immediately download the .csv or copy the Access Key ID and Secret Access Key; the secret cannot be retrieved later.

Store and share securely

• Pass the Access Key ID and Secret Access Key to mapfs through "$ mapfs add ...".
• Consider rotating keys periodically and deleting unused keys.

Region

AWS Console:

Click "Amazon S3" → Buckets → "Your Bucket Name";

In the left nav sidebar, Click Buckets → "General buckets purpose". Generally this is automatically selected.

In the right side of the same page, Click "Properties", check the "Bucket overview" → "AWS Region" value:

e.g. US West (Oregon) us-west-2

Then, the Region is "us-west-2".

References

• Creating an IAM user in your AWS account
• Managing access keys for IAM users