This guide shows you how to set up S3 bucket replication to Simple Proof for automatic timestamping on Bitcoin blockchain via OpenTimestamp.

Reference Tutorial: This guide follows the AWS tutorial: How to Enable S3 Replication Across Different AWS Accounts

Overview

You will replicate your S3 bucket to a Simple Proof destination bucket in our AWS account. This requires two email exchanges: first to get our account details, then to provide us with your IAM role ARN so we can configure the destination bucket policy.

Prerequisites

AWS account with S3 access
Existing S3 source bucket with versioning enabled
Email access to contact Simple Proof

Step 1: Request Simple Proof Account Details

📧 First Email to: support@simpleproof.com

Subject: S3 Replication Setup - Account ID and Destination Bucket Request

Dear Simple Proof Team,

I want to set up S3 bucket replication for blockchain timestamping.

My Source Bucket Details:
- Bucket Name: [your-source-bucket-name]
- Region: [e.g., us-east-1]
- My AWS Account ID: [your-12-digit-account-id]

Please provide:
- Simple Proof AWS Account ID
- Destination bucket name and region

I will create the IAM replication role and send you the ARN in a follow-up email.

Best regards,
[Your Name]
[Your Email]

⏳ Wait for Simple Proof response before proceeding to Step 2.

Step 2: Create IAM Replication Role

After receiving Simple Proof's account details, create the IAM role:

2.1 Enable Versioning (if not already enabled)

Go to your source S3 bucket
Click Properties tab
Find Bucket Versioning → Edit
Select Enable → Save changes

2.2 Create Replication Rule

In your source bucket, go to Management tab
Find Replication rules → Create replication rule

Rule Configuration:

Rule name: SimpleProof-Replication
Status: Enabled

Source:

Apply to all objects in the bucket (recommended)

Destination:

Destination type: Specify a bucket in another account
Account ID: [Use Simple Proof Account ID from their email]
Bucket name: [Use bucket name from Simple Proof email]
Storage class: Use same storage class

IAM Role:

Create new role (AWS will automatically create it)

Save the replication rule

2.3 Get the IAM Role ARN

After saving, go back to Management → Replication rules
Click on your SimpleProof-Replication rule
Copy the IAM Role ARN (it looks like: arn:aws:iam::123456789012:role/service-role/replication-role-...)

Step 3: Send IAM Role ARN to Simple Proof

📧 Second Email to: support@simpleproof.com

Subject: S3 Replication - IAM Role ARN for Bucket Policy

Dear Simple Proof Team,

I have created the S3 replication rule as requested.

IAM Role ARN: [paste the complete ARN here]

Source Bucket: [your-source-bucket-name]
Destination: [simple-proof-bucket-name]

Please configure the destination bucket policy with this ARN to enable replication.

Best regards,
[Your Name]

⏳ Wait for Simple Proof confirmation that the bucket policy has been configured.

Step 4: Test Replication

Once Simple Proof confirms the setup:

Upload a test file to your source bucket
Wait 2-3 minutes for replication
Contact Simple Proof to confirm the file was received and timestamped

📋 Replication Behavior:

Only new objects uploaded after setup will replicate
Existing objects are NOT automatically replicated
All replicated objects will be automatically timestamped on Bitcoin blockchain

Verification Checklist

First email sent: Requested Simple Proof account ID and bucket name
Received Simple Proof details: Account ID and destination bucket
Versioning enabled: On source bucket
Replication rule created: Pointing to Simple Proof account/bucket
IAM Role ARN copied: From replication rule details
Second email sent: Provided IAM Role ARN to Simple Proof
Simple Proof confirmation: Bucket policy configured
Test completed: Sample file uploaded and replicated
Timestamping verified: Confirmed with Simple Proof

Troubleshooting

Replication not working:

Verify versioning is enabled on source bucket
Confirm you used correct Simple Proof account ID and bucket name
Check that Simple Proof has configured the bucket policy

Can't find IAM Role ARN:

Go to source bucket → Management → Replication rules
Click on your replication rule to see role details
Copy the complete ARN including arn:aws:iam::

Permission errors:

Contact Simple Proof - they need to update bucket policy with your ARN
Verify the ARN you sent is complete and correct

Support

Simple Proof Support: support@simpleproof.com
AWS S3 Documentation: Cross-Account Replication

Summary

Two-Email Process:

Email 1: Request Simple Proof account ID and destination bucket
Email 2: Send your IAM role ARN for bucket policy configuration

🎯 Result: Automatic S3 replication with Bitcoin blockchain timestamping via OpenTimestamp!