Configure IAM permissions

Though you could now attempt uploading photos via AWS Amplify, Amplify would use your Cognito Identity Pool roles that were created in module 1 which currently has no policies associated so you would not have access to the S3 bucket created. You need to next update our roles to have policies that grant access to our S3 photo bucket.

High-Level Instructions

Browse to the IAM console and find your Cognito Identity Pool’s authenticated user role. Create an in-line policy on this role which provides for S3 bucket protected and private-level access per-user by leveraging IAM policy variables.

Step-by-step instructions (expand for details)