How to create a private S3 bucket for PDA Protected Videos

In this tutorial, we will show you how to create a private Amazon S3 bucket and get the user access key for our PDA Protect Videos extension.

Log in to the AWS Console

  • Already have an Amazon Web Services (AWS) account? Sign in here.
  • If you don’t have an AWS account yet, you will need to sign up here.

Create an Amazon S3 bucket

Step 1: In AWS console, go to S3 Management Console at

Step 2: Click on “Create Bucket” button to create a new S3 bucket.

Step 3: It will bring up a popup window where you can enter your bucket name and select its region.

The bucket must be unique and won’t be able to be changed after created. Please refer to Rules for Bucket Naming for more information.

Click “Create” to go to the next step.

Step 4: Leave the setting as default under Configuration options and Set permissions to create a private bucket.

Make sure the “Block all public access” option is checked. Review all your settings last time before clicking on “Create bucket” icon.

Note: If you’re creating a new bucket to store HLS output files/folders, please uncheck the “Block all public access” option so that you can grant .ts files public access later on.

Create an IAM user

Step 1: In AWS console, go to IAM Management Console at

Step 2: Click on “Add user” to create a new user.

  • Enter a name for the user in the Username field
    • Names are case-insensitive and must be unique within your AWS account. Usernames can be a combination of up to 64 letters, digits, and these characters: plus (+), equal (=), comma (,), period (.), at-sign (@), and hyphen (-).
  • Under AWS access type check Programmatic access only

Create IAM policy

Step 1: Set permissions by clicking on “Attach existing policies directly” button and then “Create policy” button.

Step 2: Insert the following code snippet to your policy file using JSON. Remember to change your S3 bucket name accordingly.

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "POLICYPDAS3",
            "Effect": "Allow",
            "Action": [
            "Resource": [

Step 3: Once done, double check if everything is alright by searching your newly created policy.

Finally, click on “Create user” button.

Download Access Key ID file

The security credentials for the user including AWS Key and AWS Secret will be shown to you. Amazon will not display this information again so please download the .csv file and keep them somewhere safe.

If they’re lost, you can always create a new set of keys but you cannot get the current secret key again later.

Use your own bucket with PDA Protect Videos

Go back to our extension’s settings and input the information you get above to under “Amazon S3 Configuration” section.

Next step: Configure a CloudFront Distribution for PDA Protected Videos

Lasted updated on September 21, 2021