Before you start, ensure you have an IAM role in your AWS that permits you to create CloudFormation Templates.

Latch utilizes CloudFormation Templates to establish an IAM role that enables the configuration and discovery of your S3 buckets, so they can be mounted onto Latch Data.


Important: Latch only supports mounting versioned buckets. To check if your bucket is versioned, open the bucket in S3, go to the Properties tab, and check Bucket Versioning.

Connecting an AWS Account


Go to the 'Data Tab' and click the 'Mount S3 Bucket' button.


If you have not connected Latch with your AWS account yet it will prompt you to do so. Click the 'Connect AWS Account →' button.


If not already, log into the AWS account which contains your buckets.


You will be directed to an AWS CloudFormation 'Quick create stack' template.

This template will create an IAM (Identity and Access Management) role that has:

  • Permission to list all of your buckets,
  • Permission to execute lambdas and to publish events to LatchBio’s SQS queue (for configuration and bucket notifications, respectively), and
  • Permission to read/write to a set of buckets you specify.

You can choose which buckets you want to give LatchBio access to by specifying them as a comma (,) delimited list in the field called 'buckets'.

You can also use wildcards (*) to specify multiple buckets.

After specifying buckets, click 'Create Stack'.


Wait for the stack to be created.


After it has been created, return to Latch Console.

The ‘Mount S3 Bucket’ modal should show your AWS account and all of the buckets you gave LatchBio access to. You might have to click the refresh button on the modal a few times before your buckets show up.


Click the 'Mount/Add Link' button for the bucket you want to mount.

The modal will close and the bucket you added will appear in the data list.

You can add more buckets by clicking the Add Buckets button - this will allow you to update the Cloudformation stack and give LatchBio access to other buckets in your account.

Removing a Bucket

Removing a bucket requires some edits both on the LatchBio side and in your AWS account.


If you have mounted the bucket, hover over the bucket link in the LData homepage, click the ellipsis (…) and select Delete to remove the link.


Open the S3 Mount Modal and click 'Add Buckets'.

Remove the bucket from the buckets list and update the Cloudformation stack.


In the S3 Console, navigate to the bucket you want to remove > Permissions > scroll to Bucket Policy and remove the entry in 'Statements' called 'latch-data-mount'.

If this is the only entry in the Statements array, you can just delete the bucket policy outright.

Still in the bucket homepage, navigate to Properties and scroll to 'Event Notifications' - from here, delete the notification called 'latch-s3-mount'.

If you previously had an event notification for this bucket set up, you’ll have to:

  1. Restore that notification, and
  2. Go to the Lambda homepage and delete the Lambda called latch-mount-fw-[BUCKET_NAME].

Your bucket has now been removed.


My bucket isn’t showing up in the list in the Mount S3 Bucket modal.

This might be because your bucket isn’t versioned. Latch only supports versioned buckets for mounting. To check to see if your bucket is versioned or not, open the bucket in S3, go to the Properties tab, and it is the 2nd panel, Bucket Versioning. If your bucket is versioned and is still not showing up, please reach out to for assistance.