Preparing a Bucket

Create the bucket with your custom AWS account. Make sure the bucket is in the same region as your cluster.

Then, create an IAM user, copy the access key ID and secret, then configure the following user policy. This is important to make sure the access keys, which you will need to provide to your cluster, can only access the intended bucket.

{
  "Statement": [
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::bucket-name",
        "arn:aws:s3:::bucket-name/*"
      ]
    }
  ]
}

For more information on S3 and IAM, please consult AWS' S3-documentation and IAM-documentation.