# Provide agent resources from an S3 bucket
<a name="enable-s3-bucket"></a>

You can grant AWS Security Agent access to resources in an S3 bucket, such as API documents, threat model documents, and source code that support penetration testing.

You grant AWS Security Agent read access to an S3 bucket in the AWS Management Console. In the Security Agent web app, users select individual resources from S3 as relevant.

1. Navigate to the Agent Space overview page

1. Select **Actions** and then **Edit penetration test configuration** 

1. Under the **S3 buckets** section, define the **S3 URI** containing the **S3 Bucket**. You can add multiple S3 buckets.