Overview

You can use this account type to connect S3 Snaps with data sources that use an Amazon S3 account.

Prerequisites

EC2 instance as a Groundplex. The IAM role is valid only in Groundplex nodes hosted in the EC2 environment. Learn more about Configuring an EC2 role for IAM Role in AWS S3 Account.
JCC with the following global property set:jcc.jvm_options=-DIAM_CREDENTIAL_FOR_S3=TRUE

If you do not have an EC2 instance groundplex, then you can authenticate your account by using the Access Key ID and Secret Key. You can assume roles using the Cross account IAM role, that uses the IAM role specified in the settings. The Access Key ID and Secret Key need to have the ability to assume in the user specifications.

Limitations and Known Issues

None.

Account Settings

Asterisk (*): Indicates a mandatory field.
Suggestion icon (): Indicates a list that is dynamically populated based on the configuration.
Expression icon (): Indicates whether the value is an expression (if enabled) or a static value (if disabled). Learn more about Using Expressions in SnapLogic.
Add icon (): Indicates that you can add fields in the fieldset.
Remove icon (): Indicates that you can remove fields from the fieldset.

Field Name	Field Type	Description

Field Name	Field Type	Description
Label* Default Value: None Example: S3 Account	String	Specify a unique label for the account.
Access Key ID Default Value: N/A Example: CKIA2EP4BT3EYCWBKC	String/Expression	Specify a unique access key ID part of AWS authentication. This field is required if the IAM role is disabled.
Secret Key Default Value: N/A Example: G9Hm2h5+PtSI7CnZO9KLVgyFPAc5ZTqC9uV94uPr	String/Expression	Specify the secret key part of AWS authentication.
Security Token Default Value: N/A Example: Djh198SnOKIA2	String/Expression	Specify the security token that is part of AWS Security Token Services (STS) credentials. Note that only global STS regions are supported.
IAM Role Default value: Deselected	Checkbox	Select this checkbox to use the EC2 instance stored in the IAM role, instead of the normal AWS authentication to access the S3 bucket. The Access-key ID and Secret key fields are ignored in this case. Learn more about Configuring an EC2 role for IAM Role in AWS S3 Account.
Cross Account IAM Role	Configure the properties required to perform cross-account access. Learn more about setting up Cross Account IAM Role.
Role ARN Default Value: N/A Example: arn:aws:s3:::sandbox-test-snap	String/Expression	Specify the Amazon Resource Name of the role to assume.
External ID Default Value: N/A Example: 321f248c-8f4a-21be-87c4-184c9f8e2d03	String/Expression	Specify an optional external ID that might be required by the role to assume.
Encryption	Configure the properties required for encryption.
Encryption Type Default value: None Example: Server-Side Encryption	Dropdown list	Specify the AWS Key Management Service key used to encrypt S3 objects. It can be the key ID or ARN. The available options are: None: The files do not get encrypted using KMS encryption. Server-Side Encryption: The S3 file is written and encrypted using the 256-bit Advanced Encryption Standard AAES256. For Snaps that read objects from S3, this field is not required, because encrypted data is automatically decrypted when data is read from S3. Server-Side KMS Encryption: The output files on Amazon S3 are encrypted using this encryption with an Amazon S3-generated KMS key. Client-Side KMS Encryption: The output files on Amazon S3 are encrypted using this encryption with a client-generated KMS key.
KMS key Default value: None Example: 28e3c2b6-74e2-4a3e-9890-6cd8e1c03661	String	Specify the AWS Key Management Service (KMS) key ID or ARN to be used for the S3 encryption.
KMS Region Default Value: N/A Example: s3.us-east-2	String/Expression/Suggestion	Specify the AWS region where the KMS key is located.

SnapLogic Documentation

S3

Overview

Prerequisites

Limitations and Known Issues

Account Settings

Troubleshooting

Snap Pack History

Related Content