Storage setup

Setting up AWS S3

AWS S3 is the household name in cloud storage and a fine choice if you already live in AWS. This guide keeps your AWS root account out of VOD Manager by creating a least-privilege IAM user — a separate access key that can only work with your archive bucket. Watch out for egress fees: AWS bills downloads to the internet.

Storage cost

~$0.023 / GB

S3 Standard in us-east-1 runs about $2.30 for 100 GB. The 12-month free tier covers small starter usage.

Downloads

~$0.09 / GB egress

Downloads bill at ~$0.09 per GB after a small monthly free allowance. Heavy editors should compare with R2 or B2.

Setting to keep

Block all public access

Leave Block all public access ON. Your VOD archive should be private; VOD Manager doesn't need public files.

Walkthrough

Five steps to a least-privilege bucket

01

Step 1

AWS account check

If you already have an AWS account from work, school, or another project, you can use it. If you need a new account, sign up at AWS.

  • Open AWS sign up .
  • AWS often includes a 12-month free tier for some S3 usage, but it's not unlimited. Treat the free tier as a starter allowance, not a promise that a large video archive will stay free.
  • Never use root account access keys for VOD Manager — IAM users are safer and revocable.
02

Step 2

Pick your region

Your region is where AWS stores the bucket. It affects price a little, but matters more for upload distance. Pick the region before you create anything, then keep the AWS console set to that region while you work.

For many US streamers, us-east-1 is the cheapest and most documented choice. West Coast streamers may prefer us-west-2. European streamers can start with eu-west-1. The best answer is usually the region closest to where you upload from.

03

Step 3

Create the S3 bucket

  1. Open the S3 section in the AWS console and choose Create bucket.
  2. Use a globally unique name, such as vod-manager-yourname-archives. Bucket names are shared across AWS, so simple names are usually taken.
  3. Set the region to the region you picked in Step 2.
  4. Block all public access: leave ON. Your VOD archive should be private.
  5. Leave bucket versioning Disabled unless you already know why you need it. The default SSE-S3 encryption is fine.
  6. Create the bucket and copy the exact name. You'll need it for the IAM policy and the VOD Manager connection form.
04

Step 4

Create a least-privilege IAM user

  1. Open the IAM section in the AWS console, find Users, and choose Create user.
  2. Name the user vod-manager. Don't enable AWS Management Console access — VOD Manager only needs programmatic access (an access key used by an app).
  3. For permissions, choose Attach policies directly, then create a policy with the JSON below. Replace YOUR-BUCKET-NAME with your real bucket name in both places.
  4. Save the policy as vod-manager-bucket-rw, attach it to the user, and finish creating the user.
  5. Open the new user, go to Security credentials, and create an access key. Choose Application running outside AWS as the use case.

Reference

The minimal IAM policy

Paste this into AWS, then replace every YOUR-BUCKET-NAME placeholder with your bucket name. ListBucket and HeadBucket let VOD Manager test the connection; PutObject, GetObject, and DeleteObject let it archive files and remove old ones during auto-purge. 

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:ListBucket",
                "s3:HeadBucket"
            ],
            "Resource": [
                "arn:aws:s3:::YOUR-BUCKET-NAME",
                "arn:aws:s3:::YOUR-BUCKET-NAME/*"
            ]
        }
    ]
}
05

Step 5

Connect VOD Manager

  • Provider: AWS S3.
  • Endpoint: leave blank. AWS uses its normal regional endpoint automatically.
  • Region: the region you picked, e.g. us-east-1.
  • Bucket: the exact bucket name.
  • Access Key ID and Secret Access Key: the values from the IAM user.
  • Click Test connection. VOD Manager runs a tiny write, read, and cleanup check so you know the key can use the bucket.

Troubleshooting

Common issues

Access denied on PutObject

The policy is missing s3:PutObject, or one of the bucket ARNs doesn't match your real bucket name.

Bucket not found

The bucket may be in a different region than the one you entered in VOD Manager.

InvalidAccessKeyId

The access key may have a typo, or you may have pasted the IAM user's username/password instead of the access keys.

Pricing

What S3 costs after the free tier

S3 Standard in us-east-1 is about $0.023 per GB each month, or about $2.30 for 100 GB. Storage is the cheap part. Downloads to the internet commonly run ~$0.09 per GB after the monthly free allowance.

If your archive is mostly a backup, S3 can be reasonable. If you regularly pull full VODs back down for editing, compare with Cloudflare R2 first — R2's no-egress model is easier to predict for heavy editors.

Connect your Twitch account for real numbers

Keep reading

Related guides

Compare

S3 vs other providers

See how AWS S3 stacks up against R2, B2, Wasabi, and the cloud-drive options.

More details

Sibling guide

Setting up Cloudflare R2

Pricier than B2 but no egress fees — often the better S3-style pick for streamers.

More details

Sizing

How much storage do I need?

Estimate based on how often and how long you stream.

More details

Last step

Save VODs to your existing AWS account

Connect the bucket once, then let VOD Manager save new Twitch streams there automatically after Twitch finishes processing them.

Get started Compare options

AWS may change UI, IAM wording, pricing, free tier, or S3 rules. This guide was written from AWS-owned pages, including S3 bucket creation, IAM user creation, S3 pricing.