Anuj Garg (AnujG702)
Crum & Forster Insurance
Solutions Architect
Crum & Forster Insurance
AnujG702 Member since 2020 6 posts
Crum & Forster Insurance
Posted: April 8, 2021
Last activity: April 23, 2021
Posted: 8 Apr 2021 15:27 EDT
Last activity: 23 Apr 2021 2:45 EDT

IAM role for S3 Repository


We are using Pega 8.5.2 hosted on EKS. We have IAM role authorized for S3 access.

When we configure S3 as a repository, it asks for AccessKeyID and secret which are applicable for IAM user. We verified that s3 repo can be configured using IAM user. But we have a key rotation policy of 90 days for IAM user access key and secret.


  1. Is there a way to configure S3 repo using IAM instance profile role?
  2. If we use IAM user Access Key and Secret, is there a programmatic way to rotate these credentials in Pega every 90 days or so?
  3. Any other way to use S3 to store attachments?
***Edited by Moderator: Pooja Gadige to add platform capability tag***
Pega Platform 8.5.2 Cloud Services Client-managed Cloud Security Insurance Solutions Consultant