# Allow admin users to upload Public files

With Groups support in Cognito, we can easily customize our application experience by creating groups that represent different user types and app usage permissions. 

Developers have the ability to add users and remove users from groups and manage group permissions for sets of users. 

For example, in our current case, we want only admin users to have the capabilities to Upload Files to **/public-files** folder in the S3 bucket. We can create an **admins** group and assign a role that allows the **PutObject** permission in the **/public-files** folder.

![admins groups with a role](https://1642315733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MCam2LtfwWxgwwpbHcu%2F-MD4QJI3Y_rSLOCiYb7D%2F-MD4QahQQsPVGUxBg7Dr%2FScreen%20Shot%202020-07-25%20at%203.34.14%20PM.png?alt=media\&token=96cdb155-7879-4840-9e74-976a0a7a02db)