How to Configure AWS S3 as a Binary Store for JFrog Artifactory

🧩 1. Create an S3 Bucket

• Log in to your AWS Management Console.
• Go to S3 → Create Bucket.
• Enter a unique bucket name (e.g., jfrog-artifactory-binaries).
• Select the appropriate region (e.g., eu-west-2).
• Keep Block all public access enabled (recommended).
• Click Create bucket.

🔑 2. Create an IAM User for Artifactory

• Go to IAM → Users → Create user.
• Give it a name, e.g., jfrog-artifactory-s3.
• Attach a policy to allow S3 access. You can use this minimal JSON policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::{YOUR S3 BUCKET NAME}",
                "arn:aws:s3:::{YOUR S3 BUCKET NAME}/*"
            ]
        }
    ]
}

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::{YOUR S3 BUCKET NAME}",
                "arn:aws:s3:::{YOUR S3 BUCKET NAME}/*"
            ]
        }
    ]
}

• Save the Access key ID and Secret access key.

⚙️ 3. Update binarystore.xml

• Navigate to your Artifactory home directory, usually:

/var/opt/jfrog/artifactory/etc/artifactory/

/var/opt/jfrog/artifactory/etc/artifactory/

• Open or create the file:

binarystore.xml

binarystore.xml

• Replace the placeholders with your actual values:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<config version="2">
    <chain template="s3-storage-v3-direct"/>
    <provider type="s3-storage-v3" id="s3-storage-v3">
        <bucketName>YOUR-BUCKET-NAME</bucketName>
        <endpoint>s3.{REGION}.amazonaws.com</endpoint>
        <identity>YOUR_AWS_ACCESS_KEY_ID</identity>
        <credential>YOUR_AWS_SECRET_ACCESS_KEY</credential>
        <region>YOUR-REGION</region>
    </provider>
</config>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<config version="2">
    <chain template="s3-storage-v3-direct"/>
    <provider type="s3-storage-v3" id="s3-storage-v3">
        <bucketName>YOUR-BUCKET-NAME</bucketName>
        <endpoint>s3.{REGION}.amazonaws.com</endpoint>
        <identity>YOUR_AWS_ACCESS_KEY_ID</identity>
        <credential>YOUR_AWS_SECRET_ACCESS_KEY</credential>
        <region>YOUR-REGION</region>
    </provider>
</config>

🧹 4. Set Permissions

Ensure the binarystore.xml has correct permissions:

sudo chown artifactory:artifactory /var/opt/jfrog/artifactory/etc/binarystore.xml
sudo chmod 600 /var/opt/jfrog/artifactory/etc/binarystore.xml

sudo chown artifactory:artifactory /var/opt/jfrog/artifactory/etc/binarystore.xml
sudo chmod 600 /var/opt/jfrog/artifactory/etc/binarystore.xml

🔄 5. Restart Artifactory

Restart the Artifactory service to apply the new binary store configuration:

sudo systemctl restart artifactory

sudo systemctl restart artifactory

Or if using Docker:

docker restart <artifactory-container-name>

docker restart <artifactory-container-name>

✅ 6. Verify Configuration

• Log in to JFrog Artifactory → Admin → Storage → Binary Providers.
• Ensure the S3 provider is listed as the active binary store.
• Upload an artifact and confirm it appears in your S3 bucket.