diff --git a/internal/app/app_verification.go b/internal/app/app_verification.go
index fb9c212..eb3d8f3 100644
--- a/internal/app/app_verification.go
+++ b/internal/app/app_verification.go
@@ -36,7 +36,7 @@ func Run(cfg *config.Config) {
 minioClient, err := minio.New(cfg.S3Endpoint, &minio.Options{
 Creds: credentials.NewStaticV4(cfg.S3AccessKeyID, cfg.S3SecretKey, ""),
- Secure: false,
+ Secure: true,
 })
 if err != nil {
 logger.Fatal("MinioClient", zap.Error(err))
diff --git a/internal/repository/verification.go b/internal/repository/verification.go
index b8c0164..201efd3 100644
--- a/internal/repository/verification.go
+++ b/internal/repository/verification.go
@@ -7,6 +7,7 @@ import (
 "fmt"
 "github.com/minio/minio-go/v7"
 "github.com/minio/minio-go/v7/pkg/policy"
+ "github.com/minio/minio-go/v7/pkg/set"
 "go.mongodb.org/mongo-driver/bson"
 "go.mongodb.org/mongo-driver/bson/primitive"
 "go.mongodb.org/mongo-driver/mongo"
@@ -24,7 +25,7 @@ type VerificationRepository struct {
 }
 const (
- VerificationBucket = "verification"
+ VerificationBucket = "verification1"
 VerificationCollection = "verification"
 )
@@ -43,14 +44,50 @@ func (r *VerificationRepository) Init(ctx context.Context) error {
 }
 if !ok {
- err = r.s3.MakeBucket(ctx, VerificationBucket, minio.MakeBucketOptions{})
+ err = r.s3.MakeBucket(ctx, VerificationBucket, minio.MakeBucketOptions{ObjectLocking: false})
 if r.err(err) {
 return err
 }
- p := policy.BucketAccessPolicy{Version: "2012-10-17"}
+ policyConsoleStatement := policy.Statement{
+ Actions: set.CreateStringSet("*"),
+ Conditions: policy.ConditionMap{
+ "StringLike": policy.ConditionKeyMap{
+ "aws:referer": set.CreateStringSet(fmt.Sprintf("https://console.cloud.yandex.*/folders/*/storage/buckets/%s*", VerificationBucket)),
+ },
+ },
+ Effect: "Allow",
+ Principal: policy.User{AWS: set.CreateStringSet("*")},
+ Resources: set.CreateStringSet(fmt.Sprintf("arn:aws:s3:::%s/*", VerificationBucket),
+ fmt.Sprintf("arn:aws:s3:::%s", VerificationBucket)),
+ Sid: "console-statement",
+ }
- p.Statements = policy.SetPolicy(p.Statements, policy.BucketPolicyReadOnly, VerificationBucket, "*/*")
+ policyServiceAccount := policy.Statement{
+ Actions: set.CreateStringSet("*"),
+ Conditions: nil,
+ Effect: "Allow",
+ Principal: policy.User{CanonicalUser: set.CreateStringSet("ajelmc4tjbct675tjdh9")},
+ Resources: set.CreateStringSet(fmt.Sprintf("arn:aws:s3:::%s/*", VerificationBucket),
+ fmt.Sprintf("arn:aws:s3:::%s", VerificationBucket)),
+ Sid: "service-account-statement",
+ }
+
+ policySharingBucket := policy.Statement{
+ Actions: set.CreateStringSet("s3:GetObject"),
+ Conditions: nil,
+ Effect: "Allow",
+ Principal: policy.User{AWS: set.CreateStringSet("*")},
+ Resources: set.CreateStringSet(fmt.Sprintf("arn:aws:s3:::%s/*", VerificationBucket),
+ fmt.Sprintf("arn:aws:s3:::%s", VerificationBucket)),
+ Sid: "sharing-bucket",
+ }
+
+ p := policy.BucketAccessPolicy{Version: "2012-10-17", Statements: []policy.Statement{
+ policyConsoleStatement,
+ policyServiceAccount,
+ policySharingBucket,
+ }}
 outPolicy, err := json.Marshal(&p)
 if r.err(err) {
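Review bot: The `console-statement` grants `Actions: *` to `Principal: AWS: *` on the whole bucket with nothing but an `aws:referer` StringLike condition in front of it, and the Referer header is chosen by the client, so any anonymous caller who sends `Referer: https://console.cloud.yandex.ru/folders/x/storage/buckets/verification1` obtains put, delete and policy-write rights over every object. If console access is genuinely needed, grant it to the IAM identities that use the console rather than `*`, or at the very least replace `*` with the read/list actions the console needs so the referer check is not the only thing standing between the internet and write access. The `sharing-bucket` statement keeps the bucket world-readable (`s3:GetObject` for `*`), as the old `BucketPolicyReadOnly` did, but the Insert hunks in this file suggest these are user-uploaded identity documents (certificate, inn, rule, egrule), for which a time-limited `PresignedGetObject` URL is the safer sharing mechanism than an anonymous-read bucket. The service-account ID `ajelmc4tjbct675tjdh9` is environment-specific and belongs in configuration next to the S3 credentials rather than in source, e.g. a field set from config and used as `Principal: policy.User{CanonicalUser: set.CreateStringSet(r.serviceAccountID)}`. Note also that the policy is only written inside `if !ok` (bucket did not exist), so an already-provisioned bucket keeps whatever policy it had; `Init` starts and ends outside the hunk.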
@@ -61,6 +98,7 @@ func (r *VerificationRepository) Init(ctx context.Context) error {
 if r.err(err) {
 return err
 }
+ }
 return nil
@@ -123,7 +161,7 @@ func (r *VerificationRepository) Insert(
 record.Files = []models.VerificationFiles{
 {
 Name: "certificate",
- Url: fmt.Sprintf("%s/verification/%s/%s", r.s3.EndpointURL(), userID, certFH.Filename),
+ Url: fmt.Sprintf("%s/%s/%s/%s", r.s3.EndpointURL(), VerificationBucket, userID, certFH.Filename),
 },
 }
 }
@@ -132,15 +170,15 @@ func (r *VerificationRepository) Insert(
 record.Files = append(record.Files, []models.VerificationFiles{
 {
 Name: "inn",
- Url: fmt.Sprintf("%s/verification/%s/%s", r.s3.EndpointURL(), userID, innFH.Filename),
+ Url: fmt.Sprintf("%s/%s/%s/%s", r.s3.EndpointURL(), VerificationBucket, userID, innFH.Filename),
 },
 {
 Name: "rule",
- Url: fmt.Sprintf("%s/verification/%s/%s", r.s3.EndpointURL(), userID, ruleFH.Filename),
+ Url: fmt.Sprintf("%s/%s/%s/%s", r.s3.EndpointURL(), VerificationBucket, userID, ruleFH.Filename),
 },
 {
 Name: "egrule",
- Url: fmt.Sprintf("%s/verification/%s/%s", r.s3.EndpointURL(), userID, egruleFH.Filename),
+ Url: fmt.Sprintf("%s/%s/%s/%s", r.s3.EndpointURL(), VerificationBucket, userID, egruleFH.Filename),
 },
 }...)
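Review bot: In the `@@ -123` hunk the certificate `Url` is assembled with `fmt.Sprintf` from `userID` and `certFH.Filename` with no escaping; `Filename` looks like the client-supplied multipart filename, so a name containing `?`, `#`, `%`, a space or `/` yields a URL that does not resolve to the stored object, and with a bucket that allows anonymous `s3:GetObject` the URL is effectively the whole access control. Escape each path segment, e.g. `Url: fmt.Sprintf("%s/%s/%s/%s", r.s3.EndpointURL(), VerificationBucket, url.PathEscape(userID), url.PathEscape(certFH.Filename)),` (requires `net/url`), and apply the same to the inn/rule/egrule entries in the following hunk. The object key used by the upload is not visible here; the URL should be derived from that same key, escaped, rather than from the raw filename, so the two cannot drift apart. `Insert` starts and ends outside these hunks.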