diff --git a/movie-recognizer/src/Infrastructure/ApplicationConfiguration.cs b/movie-recognizer/src/Infrastructure/ApplicationConfiguration.cs
index 74d033207eb6ba8b6b774910c20f494f86b765d4..574cad7a289d718c4b4b8979e675704498221a21 100644
--- a/movie-recognizer/src/Infrastructure/ApplicationConfiguration.cs
+++ b/movie-recognizer/src/Infrastructure/ApplicationConfiguration.cs
@@ -1,3 +1,4 @@
+using Amazon.Runtime;
 using Amazon.S3;
 using Application;
 using Application.Files;
@@ -29,19 +30,18 @@ public static class ApplicationConfiguration
 
     public static void AddAmazonS3Client(this IServiceCollection services, IConfiguration configuration)
     {
-        var serviceUrl = configuration.GetRequiredSection(FileStorageSettings.SectionName)["ServiceUrl"];
-        
-        if (serviceUrl is null)
-        {
-            services.AddAWSService<IAmazonS3>();
-        }
-        else
+        var settings = configuration
+            .GetRequiredSection(FileStorageSettings.SectionName)
+            .Get<FileStorageSettings>()!;
+
+        var credentials = new BasicAWSCredentials(settings.AccessKey, settings.SecretKey);
+
+        var config = new AmazonS3Config
         {
-            services.AddSingleton<IAmazonS3>(new AmazonS3Client(new AmazonS3Config
-            {
-                ServiceURL = serviceUrl
-            }));
-        }
+            ServiceURL = settings.ServiceUrl
+        };
+
+        services.AddSingleton<IAmazonS3>(new AmazonS3Client(credentials, config));
     }
 
     public static void AddApplicationServices(this IServiceCollection services, IHostEnvironment environment)
diff --git a/movie-recognizer/src/Infrastructure/Files/FileStorageSettings.cs b/movie-recognizer/src/Infrastructure/Files/FileStorageSettings.cs
index bc6874fcc346ece5c81eca2bc00808d3452a7d04..a4f725accd0ec77771d6240aeab4f6cfeb4ee1b4 100644
--- a/movie-recognizer/src/Infrastructure/Files/FileStorageSettings.cs
+++ b/movie-recognizer/src/Infrastructure/Files/FileStorageSettings.cs
@@ -6,8 +6,15 @@ public class FileStorageSettings
 {
     public const string SectionName = "FileStorage";
 
-    public string? ServiceUrl { get; set; }
+    [Required]
+    public required string ServiceUrl { get; set; }
     
     [Required]
     public required string BucketName { get; set; }
+    
+    [Required]
+    public required string AccessKey { get; set; }
+    
+    [Required]
+    public required string SecretKey { get; set; }
 }
\ No newline at end of file
diff --git a/movie-recognizer/src/WebApi/WebApi.csproj b/movie-recognizer/src/WebApi/WebApi.csproj
index 9de854514d117bcfb81b8d72ff17622566cbbed5..5c1908b32300fe81caefe93b212638d196a2d138 100644
--- a/movie-recognizer/src/WebApi/WebApi.csproj
+++ b/movie-recognizer/src/WebApi/WebApi.csproj
@@ -4,6 +4,7 @@
         <TargetFramework>net8.0</TargetFramework>
         <Nullable>enable</Nullable>
         <ImplicitUsings>enable</ImplicitUsings>
+        <UserSecretsId>b263df8a-5067-448a-92e4-e1afd6654b45</UserSecretsId>
     </PropertyGroup>
 
     <ItemGroup>
diff --git a/terraform/bucket.tf b/terraform/bucket.tf
index e3593583fa64a761b0e3d50d80974f1cf6dbc46a..1cc867d150574c4bdb26f72426f3baffcbcc00dc 100644
--- a/terraform/bucket.tf
+++ b/terraform/bucket.tf
@@ -12,6 +12,11 @@ resource "yandex_storage_bucket" "bucket" {
     type        = "CanonicalUser"
     permissions = ["READ", "WRITE"]
   }
+
+  anonymous_access_flags {
+    read = true
+    list = false
+  }
 }
 
 resource "yandex_iam_service_account" "sa_bucket" {