Amazon S3_ How to Connect and Collect

Updated on 26 Jun 2024
3 Minutes to read

Print
Share
Dark
Light
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

conn

Amazon S3 Overview

Amazon S3 is a cloud storage service provided by Amazon Web Services. Companies can store data in S3 from multiple services. Onna connects directly with S3's API. All files available through the S3 API and linked to the specific bucket are synced, including data stored in the bucket from other sources, historical information, and related metadata. You can use an existing bucket from within the organization's S3 or create a new one specifically for Onna.

Because customers can upload any type of data into an S3 bucket, Onna's S3 integration is meant to work as a bridge to applications that Onna does not directly integrate with.

Connector Features
Authorized Connection Required? No	Is identity mapping supported? No
Audit logs available? Yes	Admin Access? No
Supports a full archive? No	Custodian based collections? No
Preserve in place with ILH? No	Resumable sync supported? No
Supports Onna preservation? No	Syncs future users automatically? No
Sync modes supported: One-time sync Auto-sync	Is file versioning supported? No

Types of Data Collected	Metadata Collected
File Title File creation File last modified Extension Size MD5 hash	Creators File URL in source S3 Bucket name

Amazon S3 Considerations

For the Amazon S3 connector you must select a date when setting up your sync.

Amazon S3 Requirements

To create a bucket or access information on existing buckets in Amazon S3, you must have access to the Amazon Management Console. Learn more about creating a bucket by visiting Amazon's bucket documentation.

To integrate Amazon S3 in Onna, you will need:

Bucket name
Access Key ID
Secret Access Key
AWS region

For security purposes, we recommend working with your AWS admin and creating a role with access to specific buckets. For more information on how to do that, visit Amazon's IAM Role documentation.

Note: The below permissions are required for each Amazon S3 bucket.

s3:ListAllMyBuckets
s3:ListBucket
s3:GetBucketLocation
s3:GetObject

Create New AWS User and Grant Necessary Permissions

To create a new user in Amazon S3 and grant the necessary permissions, follow the steps below:

Step 1

Sign into the AWS Management Console and open the Amazon IAM console at https://console.aws.amazon.com/iam/.

Then, navigate to the ‘Add user’ page. On this page, enter the user name (a), grant Programmatic access (b), and click the ‘Next: permissions’ button in the bottom right corner (c).

Step 2

On the ‘Set permissions’ screen, click the ‘Create policy’ button in the middle of the page.

Step 3

Then, select Service S3, and grant the access level listed below for ‘List’:

ListAllMyBuckets (a)
ListBucket (b)

Next, grant the access level listed below for ‘Read’:

GetBucketLocation (c)
GetObject (d)

Step 4

Under resources select ‘Specific’(a) and click ‘Add ARN’ for Bucket (b). Here you can manually provide the list of ARNs for each bucket.

Then, click ‘Add ARN’ under ‘Object’ (c)

Step 5

Here you can manually provide the list of ARNs for each bucket. For the field object provide an asterisk (*) within the field to grant access to all objects in the bucket.

Then, provide a name and description for the policy, then finally click create policy.

Step 6

Navigate back to the user tab from the Amazon IAM console and click on the user name that should have access to the policy. Attach the policy to the appropriate user by clicking on ‘Add Permissions’. Once the policy has been successfully attached it will be listed under ‘Permissions policies’ for the user.