What S3 Bucket Storage does
Connect your own Amazon Web Services (AWS) S3 bucket so team members can load geospatial files from it and save maps to it. The files stay in your bucket. Only owners and admins can set this up.
You open this page from the S3 Bucket section of the team portal.
Enter the bucket details
- Bucket Name (required). The name of your S3 bucket.
- Region (required). Pick the AWS region where your bucket lives.
- Folder Prefix (optional). A prefix or folder for all ScribbleMaps files, such as
maps/ordata/.
Pick an authentication method
Choose how ScribbleMaps signs in to your bucket.
IAM Role (recommended)
IAM Role uses temporary credentials through AWS STS. There are no static keys to manage, so it is more secure.
- Copy the External ID with the copy button. You need it for the role's trust policy.
- Click Setup Instructions for the full steps. In short: - In the AWS IAM Console, create a role and choose Another AWS account as the trusted entity. - Enter the ScribbleMaps AWS Account ID shown in the instructions. - Check Require external ID and paste the External ID from this page. - Attach a policy that allows
s3:GetObject,s3:PutObject,s3:DeleteObject, ands3:ListBucketon your bucket. - Paste the role's ARN into the Role ARN field.
IAM Role is not available for AWS GovCloud regions.
Access Keys
Access Keys use an AWS Access Key ID and Secret Access Key. This method is required for AWS GovCloud regions.
- Enter your Access Key ID.
- Enter your Secret Access Key. It is stored encrypted. If a key is already saved, leave this field blank to keep it, or type a new value to replace it.
Save and test
- Click Save Settings.
- Click Test Connection to confirm ScribbleMaps can reach the bucket. This button works after the bucket is configured.
- Once it is set up, use the S3 Storage toggle to enable or disable the integration for your team.
Required CORS configuration
Your bucket needs a CORS rule so the browser can upload to it. Add this to the bucket's CORS settings:
[{"AllowedOrigins": [
"https://www.scribblemaps.com",
"https://team.scribblemaps.com",
"https://widgets.scribblemaps.com"
],
"AllowedMethods": ["GET", "PUT", "DELETE", "HEAD"],
"AllowedHeaders": ["*"],
"MaxAgeSeconds": 3000
}]
If team members cannot save or load files after setup, the bucket most likely still needs this CORS rule.
Comments
0 comments
Please sign in to leave a comment.