Cloud Data Integration Connectors Current Version
- Cloud Data Integration Connectors Current Version
- All Products
Name of the connection.
Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
Maximum length is 255 characters.
Description of the connection. Maximum length is 4000 characters.
The Amazon S3 V2 connection type.
Name of the runtime environment where you want to run the tasks.
Select a Secure Agent, Hosted Agent, or serverless runtime environment.
Access key to access the Amazon S3 bucket.
Enter the access key value based on the following authentication methods:
Secret access key to access the Amazon S3 bucket. The secret key is associated with the access key and uniquely identifies the account.
Enter the secret access key value based on the following authentication methods:
IAM Role ARN
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role assumed by the user to use the dynamically generated temporary security credentials.
Enter the value of this property if you want to use the temporary security credentials to access the AWS resources.
Even if you remove the IAM role that enables the agent to access the Amazon S3 bucket and create a connection, the test connection is successful.
For more information about how to obtain the ARN of the IAM role, see the AWS documentation.
Provides a more secure access to the Amazon S3 bucket when the Amazon S3 bucket is in a different AWS account.
Use EC2 Role to Assume Role
Enables the EC2 role to assume another IAM role specified in the IAM Role ARN option.
By default, the Use EC2 Role to Assume Role check box is not selected.
The EC2 role must have a policy attached with a permission to assume an IAM role from the same or different account.
Bucket name or complete folder path to the Amazon S3 objects.
Do not use a slash at the end of the folder path. For example,
<bucket name>/<my folder name>
Master Symmetric Key
A 256-bit AES encryption key in the Base64 format when you use client-side encryption. You can generate a key using a third-party tool.
Customer Master Key ID
The customer master key ID or alias name generated by AWS Key Management Service (AWS KMS) or the Amazon Resource Name (ARN) of your custom key for cross-account access.
Cross-account access is not applicable to
You must generate the customer master key for the same region where Amazon S3 bucket resides.
You can specify the following master keys:
S3 Account Type
The type of the Amazon S3 account.
Select from the following options:
Default is Amazon S3 storage.
Enter the S3 storage endpoint in HTTP or HTTPs format.
The S3 storage endpoint required for S3 compatible storage.
For example, http://s3.isv.scality.com.
The AWS region of the bucket that you want to access.
Select one of the following regions:
Asia Pacific(Hong Kong)
AWS GovCloud (US)
AWS GovCloud (US-East)
South America(Sao Paulo)
US East(N. Virginia)
US West(N. California)
Default is US East (N. Virginia).
Middle East (Bahrain) region is not applicable for elastic mappings.
Federated SSO IdP
SAML 2.0-enabled identity provider for the federated user single sign-on to use with the AWS account.
Amazon S3 V2 connector supports only the ADFS 3.0 identity provider. Select
Noneif you do not want to use federated user single sign-on.
Federated user single sign-on is not applicable to
Other Authentication Type
Select one the following authentication types:
Enter the credential profile file path and the profile name to establish the connection with Amazon S3.
You can use permanent IAM credentials or temporary session tokens when you configure the Credential Profile File Authentication.
Default is NONE.
Credential Profile File Path
Specifies the credential profile file path.
If you do not enter the credential profile path, the Secure Agent uses the credential profile file present in the following default location in your home directory:
Name of the profile in the credential profile file used to get the credentials.
If you do not enter the profile name, the credentials from the default profile in the credential profile file are used.
1Applies only to mappings.
Federated User Name
User name of the federated user to access the AWS account through the identity provider.
Federated User Password
Password for the federated user to access the AWS account through the identity provider.
IdP SSO URL
Single sign-on URL of the identity provider for AWS.
SAML Identity Provider ARN
ARN of the SAML identity provider that the AWS administrator created to register the identity provider as a trusted provider.
ARN of the IAM role assumed by the federated user.
Updated May 13, 2022