S3
In this article
Overview
You can use this account type to connect S3 Snaps with data sources that use an Amazon S3 account.
Prerequisites
EC2 instance as a Groundplex. The IAM role is valid only in Groundplex nodes hosted in the EC2 environment. Learn more about Configuring an EC2 role for IAM Role in AWS S3 Account.
JCC with the following global property set:
jcc.jvm_options=-DIAM_CREDENTIAL_FOR_S3=TRUE
If you do not have an EC2 instance groundplex, then you can authenticate your account by using the Access Key ID and Secret Key. You can assume roles using the Cross account IAM role, that uses the IAM role specified in the settings. The Access Key ID and Secret Key need to have the ability to assume in the user specifications.
Limitations and Known Issues
None.
Account Settings
Â
Asterisk (*): Indicates a mandatory field.
Suggestion icon (): Indicates a list that is dynamically populated based on the configuration.
Expression icon (): Indicates whether the value is an expression (if enabled) or a static value (if disabled). Learn more about Using Expressions in SnapLogic.
Add icon (): Indicates that you can add fields in the fieldset.
Remove icon (): Indicates that you can remove fields from the fieldset.
Field Name | Field Type | Description |
---|---|---|
Label* Â Default Value:Â None | String | Specify a unique label for the account. Â |
Access Key ID Â Default Value:Â N/A | String/Expression | Specify a unique access key ID part of AWS authentication. This field is required if the IAM role is disabled. Â |
Secret Key  Default Value: N/A | String/Expression | Specify the secret key part of AWS authentication.  |
Security Token
| String/Expression | Specify the security token that is part of AWS Security Token Services (STS) credentials. Note that only global STS regions are supported. |
IAM Role  Default value: Deselected | Checkbox | Select this checkbox to use the EC2 instance stored in the IAM role, instead of the normal AWS authentication to access the S3 bucket. The Access-key ID and Secret key fields are ignored in this case. Learn more about Configuring an EC2 role for IAM Role in AWS S3 Account. The Amazon S3 Snaps automatically detect the Maximum session duration value for the Cross-Account IAM role (1 through 12 hours). The Snaps round down the value to the nearest hour. So, if the Snap administrator sets the Maximum session duration at 3 hours and 45 minutes, the Snaps read it as 3 hours. The Snaps also refresh the session before it expires. However, the automatic session refresh does not support the case of very large file upload or download that takes longer than the maximum session duration. |
Cross Account IAM Role | Configure the properties required to perform cross-account access. Learn more about setting up Cross Account IAM Role. | |
Role ARN Â Default Value:Â N/A | String/Expression | Specify the Amazon Resource Name of the role to assume. Â |
External ID Â Default Value:Â N/A | String/Expression | Specify an optional external ID that might be required by the role to assume. Â |
Encryption | Configure the properties required for encryption. | |
Encryption Type  Default value: None | Dropdown list | Specify the AWS Key Management Service key used to encrypt S3 objects. It can be the key ID or ARN. The available options are:
|
KMS key  Default value: None | String | Specify the AWS Key Management Service (KMS) key ID or ARN to be used for the S3 encryption. |
KMS Region  Default Value: N/A | String/Expression/Suggestion | Specify the AWS region where the KMS key is located.  |
Troubleshooting
Error | Reason | Resolution |
---|---|---|
When authorizing an S3 account, if the IAM role checkbox is selected, the following error is displayed on clicking the Validate button.
| When validating the S3 account if the IAM role checkbox is selected, an error is displayed. | Account validation is not supported when you select the IAM Role checkbox. |
Snap Pack History
Â
Related Content
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.