Using S3 as a storage source means that Spinnaker will store all of its persistent data in a Bucket.

:warning: Alternatively, it is possible to use Minio instead of the real S3 if you are looking for a local persistant storage solution for Spinnaker that is compatible with the S3 API.


You need an AWS Account, and a role or user configured with s3 permissions.

To grant a user or role s3 permissions, refer to the AWS documentation for creating roles for a user, and make sure that both user and role policies grant access to “s3:*”.

If you are running Spinnaker on an EC2 instance, the instance profile of the instance Spinnaker is running on must have s3 permissions. If you are running Spinnaker elsewhere (like within Kubernetes) you will need the access key (secret access key & access key id) of the user you are connecting with in order to authenticate with s3. This user must have s3 permissions.

Editing your storage settings

If you do not already have a bucket that you want to use, Halyard will create one for you (either with the --bucket name provided, or with a random string generated matching spin-<uuid>). In either case, you will need to to supply the new bucket’s desired region (e.g. REGION=us-west-2).

To configure the S3 settings, run the following (notice, do not supply the value of --secret-access-key on the command line, you will be prompted to enter the value on STDIN once the command has started running):

hal config storage s3 edit \
    --access-key-id $YOUR_SECRET_KEY_ID \
    --secret-access-key \
    --region $REGION

If you instead already have a bucket you want to use, or you want to change the bucket’s root folder, check out the additional command parameters in the command reference.

Finally, set the storage source to S3:

hal config storage edit --type s3

Next steps

After you’ve set up S3 as your external storage service, you’re ready to deploy Spinnaker.