Supported providers

OTIS supports Amazon S3, Cloudflare R2, MinIO, and any other S3-compatible storage that supports AWS Signature V4 authentication.

IAM permissions required

Create an IAM user or role with the following permissions on your bucket: s3:PutObject, s3:GetObject, s3:DeleteObject, s3:ListBucket. Scope the policy to the specific bucket — do not grant full S3 access.

Connection settings

Bucket name: the name of your S3 bucket. Region: the AWS region (e.g. eu-west-2). For MinIO or R2, use the region your provider specifies. Access key: your IAM access key ID. Secret key: your IAM secret access key. Key prefix: optional folder prefix within the bucket (default: otis). Custom endpoint: for MinIO or R2, enter the endpoint URL (e.g. https://minio.company.com or https://your-account.r2.cloudflarestorage.com).

For MinIO

Enter your MinIO server URL as the custom endpoint. Use the access key and secret key from your MinIO configuration. The region can be set to any value — MinIO ignores it but requires a non-empty string.

For Cloudflare R2

Enter your R2 endpoint URL (https://your-account-id.r2.cloudflarestorage.com) as the custom endpoint. Use your R2 API token credentials. Set region to auto.

Verifying the connection

OTIS tests the connection by writing and reading a small test file before completing setup. If verification fails, check your IAM permissions and that the bucket exists in the specified region.

Was this article helpful?

Contact support