...
In this article
Table of Contents | ||||
---|---|---|---|---|
|
Overview
You can
...
use this account type to connect Binary Snaps with data sources that use an S3 account.
Multiexcerpt macro | ||||||
---|---|---|---|---|---|---|
| ||||||
The dynamic account types support Secrets Management that allows storing endpoint credentials. Instead of entering credentials directly in SnapLogic Accounts and relying on SnapLogic to encrypt them, the accounts contain only the information necessary to retrieve the secrets. During validation and execution, Pipelines obtain the credentials directly from the secrets manager. Learn more about |
Prerequisites
The s3:ListAllMyBuckets
...
permission is required to successfully validate an S3 account. Refer to the Account Permissions section below for additional permissions
...
required for the target resources based on the task to be performed.
Account
...
In Manager, you can navigate to the required folder and create an account in it (see Accounts). To create an account for binary files:
- Click Create, then select Binary, then S3 Dynamic.
- Supply an account label.
Supply the necessary information.
- (Optional) Supply additional information on this account in the Notes field of the Info tab.
- Click Apply.
Account Settings
...
Label
...
Access-key ID
...
Settings
...
Info |
---|
|
Field Name | Field Type | Description | |
---|---|---|---|
Label Default Value: None | String | Specify a unique label for the account. | |
Access-key ID Default Value: None | String/Expression | Access key ID part of AWS authentication | |
Secret key Default |
...
Value: [None] |
...
Secret key
| String/Expression | Secret key part of AWS authentication | |
Security Token Default value: [None |
...
| String/Expression | Security token part of AWS Security Token Service (STS) credentials | |
Server-side encryption Default value: |
...
Not Selected | Checkbox | This represents the type of encryption to use for the objects stored in S3. For Snaps that write objects to S3, this field defines how the objects will be encrypted. For Snaps that read objects from S3, this field is not required. | |
KMS Encryption type Default value: |
...
None |
...
Dropdown list | The AWS Key Management Service key used to encrypt S3 objects. It can be the key ID or ARN. |
...
The available options are:
For Snaps that write objects to S3, this is required for encryption types Server-Side encryption with AWS KMS-Managed Keys and Client-Side encryption with AWS KMS-Managed Keys. For Server-Side encryption, the key must be in the same region as the S3 bucket. For Client-Side encryption, a key from any region can be used by using the key ARN value. If a key ID is used for Client-Side encryption, it defaults to the us-east-1 region. For Snaps that read objects from S3, this field is not required. |
...
...
KMS |
...
key |
...
...
Default value: None |
...
| String/Expression | This field represents the AWS Key Management Service key used to encrypt S3 objects. It can be the key ID or ARN. For Snaps that write objects to S3, this is required for encryption types Server-Side encryption with AWS KMS-Managed Keys and Client-Side encryption with AWS KMS-Managed Keys. For Server-Side encryption, the key must be in the same region as the S3 bucket. For Client-Side encryption, a key from any region can be used by using the key ARN value. If a key ID is used for Client-Side encryption, it defaults to the us-east-1 region. For Snaps that read objects from S3, this field is not required. | |
KMS region Default value |
...
: None | String/Expression | The AWS region where the KMS key is located. | |
Cross Account IAM Role |
...
Use this field set |
...
- Role ARN
- External ID
...
to manage account access. Learn more about setting up Cross Account IAM Role. | ||
Role ARN Default value: None | String/Expression | The Amazon Resource Name of the role to assume. |
External ID Default value: |
...
None | String/Expression | An optional external ID that might be required by the role to assume |
...
Default value: [None]
Account Encryption
...
If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.
...
. |
...
Account:
...
Multiexcerpt include macro | ||||
---|---|---|---|---|
|
Insert excerpt | ||||||||
---|---|---|---|---|---|---|---|---|
|