S3 Setup Guide
Prerequisites
- An S3 bucket to write data into.
- An AWS account with the ability to create IAM policies and roles.
Setup Guide
- Select Authentication Method.
- Enter bucket Region.
- Specify Bucket name.
- If you selected IAM Role, enter the External ID provided by the connector and the Role ARN (see below).
- If you selected Access Key and Secret, enter the Access Key ID and Secret Access Key (see below).
- Select the File Format for files written to your bucket.
- Enter a Name for the connector.
- (Optional) Enter a Description for the connector.
- Select the Owner of the connector.
- (Optional) Verify that your account is successfully connected by clicking on Test Connection.
- Click Connect.
Authentication by IAM Role (Recommended)
Create IAM Policy
-
Go to the AWS Management Console.
-
Open the IAM console.
-
In the navigation pane, choose Policies.
-
Choose Create policy.
-
Choose the JSON tab.
-
Enter the following policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:PutObject",
"s3:AbortMultipartUpload"
],
"Resource": [
"arn:aws:s3:::{your-bucket-name}",
"arn:aws:s3:::{your-bucket-name}/*"
]
}
]
} -
Choose Review policy.
-
Specify the Name of your policy. For example,
Matia-S3-Destination-Access. -
(Optional) Enter a Description for the policy.
-
Choose Create policy.
Create IAM Role
- Go to the AWS Management Console.
- Open the IAM console.
- In the navigation pane, choose Roles.
- Choose Create role.
- Choose Another AWS account.
- Enter the following account ID:
035563399062. - Select the Require external ID check box.
- Enter the External ID provided by the connector.
- Click Next: Permissions.
- In the Filter policies search box, type the name of the policy you created in the previous step and select it. For example,
Matia-S3-Destination-Access. - Click Next: Tags.
- Click Next: Review.
- Enter a Name for the role. For example,
Matia-S3-Destination-Role. - (Optional) Enter a Description for the role.
- Click Create role.
- Open the role you created and copy its Role ARN into the connector's Role ARN field.
Authentication by Access Key and Secret
Create IAM Policy
-
Go to the AWS Management Console.
-
Open the IAM console.
-
In the navigation pane, choose Policies.
-
Choose Create policy.
-
Choose the JSON tab.
-
Enter the following policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListMultipartUploadParts",
"s3:PutObject",
"s3:DeleteObject",
"s3:AbortMultipartUpload"
],
"Resource": [
"arn:aws:s3:::{your-bucket-name}",
"arn:aws:s3:::{your-bucket-name}/*"
]
}
]
} -
Choose Review policy.
-
Specify the Name of your policy. For example,
Matia-S3-Destination-Access. -
(Optional) Enter a Description for the policy.
-
Choose Create policy.
Create IAM User
- Go to the AWS Management Console.
- Open the IAM console.
- In the navigation pane, choose Users.
- Choose Create user.
- Enter a Name for the user. For example,
Matia-S3-User. - Click Next.
- Choose Attach policies directly.
- In the Permissions policies search box, type the name of the policy you created in the previous step and select it. For example,
Matia-S3-Destination-Access. - Click Next, then Create user.
- Open the user you created, go to the Security credentials tab, and choose Create access key.
- Copy the Access Key ID and Secret Access Key into the connector's Access Key ID and Secret Access Key fields.
Supported File Format
- CSV
- JSON