You may configure your own connection to an AWS S3 bucket where your generated report data will be stored.

To set this up, the following information is necessary:

  • User Access Key ID
  • Access secret
  • S3 bucket name
  • Region
  • Expiration Limit (in hours) for the Presigned URL - a value between 1 and 168

Create an IAM user in AWS

  1. In the AWS Console, go to IAM → Users → Create user.
  2. Enter a user name (e.g. pushmetrics-s3).
  3. Attach the AmazonS3FullAccess managed policy (or a scoped-down policy limited to your bucket).
  4. Go to Security credentials → Create access key and select Third-party service as the use case.
  5. Note down the Access Key ID and Secret Access Key. The secret is only shown once.

Note: PushMetrics currently requires IAM user credentials (Access Key ID + Secret Access Key). IAM role assumption is not supported at this time.

Configure the bucket in AWS

  • Create an AWS S3 bucket in a region of your choice.
  • Enable AES256 encryption.
  • Add the following bucket policy (replace your-bucket-name with your actual bucket name):
{
  “Version”: “2012-10-17”,
  “Id”: “PushMetricsS3BucketPolicy”,
  “Statement”: [
    {
      “Sid”: “AllowPushMetricsAccess”,
      “Effect”: “Allow”,
      “Principal”: {
        “AWS”: “arn:aws:iam::133737826969:user/pushmetrics”
      },
      “Action”: [
        “s3:GetObject”,
        “s3:PutObject”,
        “s3:ListBucket”
      ],
      “Resource”: [
        “arn:aws:s3:::your-bucket-name/*”,
        “arn:aws:s3:::your-bucket-name”
      ]
    }
  ]
}

Tip: The Principal entry above grants PushMetrics' own AWS user access to your bucket so that PushMetrics can store and retrieve your generated report data. You must also ensure the IAM user you created in the previous step has permission to access this bucket (via the attached IAM policy).