Skip to main content

Tigris Web Console

Tigris Web Console is the browser UI for creating buckets, uploading objects, managing access keys, and configuring bucket settings.

Getting Started

  1. Create an account at storage.new.
  2. Create a bucket with a unique name.
  3. Create access keys and upload data with any S3-compatible tool, library, or extension.

Manage access with IAM

Tigris supports fine-grained access control through familiar AWS-style IAM policies, including Condition blocks for IP and date-based restrictions.

In the Access Keys page of the Web Console you can:

  • Create access keys scoped to specific buckets with Admin, Editor, or ReadOnly permissions.
  • Attach IAM policies that allow or deny specific S3 actions (s3:GetObject, s3:PutObject, s3:ListBucket, etc.) at the bucket, prefix, or object level.
  • Use Condition blocks to restrict a key by source IP (IpAddress, NotIpAddress) or by time window (DateGreaterThan, DateLessThan, etc.) — useful for locking a key to a CI runner's IP range or auto-expiring a credential.

Policies use the standard AWS IAM JSON syntax (Version, Statement, Effect, Action, Resource, Condition), so existing AWS policies port over directly.

Two prebuilt roles control dashboard access for organization members: Member (list and create buckets) and Admin (full access plus member management).

See IAM Overview, Manage Access Keys, and IAM Policies.

Choose a storage tier

Each bucket has a default storage tier. Pick one based on access patterns:

  • Standard — frequently accessed data.
  • Infrequent Access — lower cost for data accessed less often.
  • Archive — lowest cost; objects need a restore step (~1 hour) before access.
  • Archive Instant Retrieval — low cost with no restore step.

Override the tier per object at upload time using the S3 storage class (STANDARD, STANDARD_IA, GLACIER, GLACIER_IR). See Storage Tiers.

Configure bucket settings

Open a bucket and click Settings to configure:

  • Public / Private Access — set the default ACL for the bucket, and optionally enable per-object ACLs. See Public Buckets and Object ACLs.
  • Snapshots and Forks — capture whole-bucket point-in-time snapshots and create zero-copy forks of them. Must be enabled at bucket creation time — can't be turned on for an existing bucket. See Bucket Snapshots and Forks.
  • Bucket Sharing — share a bucket with other organization members or outside collaborators. See Bucket Sharing.
  • Bucket Location, Cache Control, TTL, Object Lifecycle, Custom Domains, CORS, Object Notifications, and Deletion Protection.

For the full list, see Bucket Settings.

Migrate from another S3 provider

On a bucket's Settings page in the Web Console you can configure a shadow bucket that lazily migrates data from your existing S3-compatible bucket as it's accessed, with no upfront copy. With write-through mode enabled, new writes are mirrored back to the source so you can roll back until you're ready to cut over.

Open a bucket → SettingsEnable Data Migration → provide the source endpoint and credentials.

See Migrate to Tigris and the provider-specific guides: AWS S3, Google Cloud Storage, Cloudflare R2, MinIO, and other S3-compatible providers.

Last updated on by David Myriel