AWS S3

Last updated 13 days ago

Was this helpful?

AWS S3

You can configure your own AWS S3 bucket to receive location updates from Roam servers in daily batch uploads. This setup is ideal for teams that want to own and store location data directly in their cloud infrastructure.

Prerequisites

Before getting started, make sure you have:

An active AWS account
Permission to create S3 buckets, IAM policies, and IAM roles
Access to the

Step 1: Create an S3 Bucket

1.1 Open the AWS Console

1.2 Create a Bucket

Click Create bucket, and fill in the required fields:

Bucket name: Use something simple like roam-daily-location-dump
Region: Choose the AWS region closest to your infrastructure

Leave all other settings as default.

Click Create Bucket at the bottom to finish.

Step 2: Create an IAM Policy for Upload Access

To allow Roam to write data into your S3 bucket, you’ll need to create an IAM policy that grants s3:PutObject permission.

2.1 Go to IAM > Policies

From the AWS Console, search for and navigate to the IAM service.

Click Policies in the sidebar, then click Create policy.

2.2 Use JSON to Define the Policy

Switch to the JSON tab and paste the following:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::roam-daily-location-dump/*"
    }
  ]
}

Replace roam-daily-location-dump with your actual bucket name.

2.3 Name and Create the Policy

Give your policy a name like S3UploadPolicy and click Create Policy.

Step 3: Create an IAM Role for Roam

This role allows Roam’s AWS account to securely upload data to your S3 bucket using temporary credentials.

3.1 Go to IAM > Roles

In the IAM console, click Roles in the sidebar, then click Create Role.

3.2 Choose “Custom trust policy”

When prompted for the type of trusted entity, choose Custom trust policy, and paste:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::218937252071:role/Roam-ingress-role"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

This grants Roam temporary permission to upload data to your bucket without exposing your AWS credentials.

3.3 Attach the Policy You Created

Search for the policy you created in Step 2 (e.g., S3UploadPolicy), and attach it to this role.

3.4 Name and Create the Role

Give your role a name like RoamS3UploadRole, add an optional description, and click Create Role.

Once the setup is complete, share the following details with your Roam/Echo contact:

AWS Account ID
S3 Bucket Name
AWS Region
IAM Role Name

This allows Roam to securely deliver your data to the correct destination.

Step 5: Access Your Data in S3

Once Roam begins uploading, you can access your data through the AWS Console.

Search for S3 and open the service. Find and select the bucket you created (e.g., roam-daily-location-dump).

You’ll now see location update files uploaded by Roam — organized by date or event.

✅ What You Should See After a Successful Setup

Your S3 bucket will begin receiving data from Roam
Files will be stored as individual objects with timestamps
All uploads will follow secure, permissioned access only via the IAM role you created