Amazon S3 V2 Connector

Data encryption in Amazon S3 V2 targets

To protect data, you can encrypt the Amazon S3 files when you write the files to the target. Do not use the master symmetric key and customer master key together.
Select the type of encryption in the Encryption Type field under the Amazon S3 V2 advanced target properties.
You can select the following types of encryption:
None
The data is not encrypted.
Server-side encryption
Select Server Side Encryption as the encryption type if you want Amazon S3 to encrypt the data using Amazon S3-managed encryption keys when you write to the target.
If you do not specify the customer master key ID in the connection properties, you must select Server Side Encryption as the encryption type.
Server-side encryption with KMS
Select Server Side Encryption with KMS as the encryption type if you want Amazon S3 to encrypt the data using the AWS KMS-managed customer master key when you write to the target.
The AWS KMS-managed customer master key specified in the connection property must belong to the same region where Amazon S3 is hosted.
For example, if Amazon S3 is hosted in the US West (Oregon) region, you must use the AWS KMS-managed customer master key enabled in the same region.
Client-side encryption
Select Client Side Encryption as the encryption type if you want the Secure Agent to encrypt the data when you write to the target. Client-side encryption uses either a master symmetric key, which is a 256-bit AES encryption key in Base64 format, or a customer master key.
Informatica encryption
Select Informatica Encryption as the encryption type if you want to encrypt the data using Informatica crypto libraries when you write to a target. Informatica encryption is applicable only when you run mappings on the Secure Agent machine.
To encrypt a file using the Informatica Encryption method, perform the following tasks:
  1. Ensure that the organization administrator has permission to the Informatica crypto libraries when you create an Amazon S3 V2 connection.
  2. Select Informatica Encryption as the encryption type in the advanced target properties.
For Informatica Encryption in the advanced cluster, you must install the Secure Agent on the Amazon EC2 machine.
The following table lists the encryption type supported for various file types:

| Encryption type | File type |
| --- | --- |
| Client-side encryption | Binary¹, Flat |
| Server-side encryption | Avro, Binary¹, Delta¹, Flat, JSON², ORC, Parquet |
| Server-side encryption with KMS | Avro, Binary¹, Delta¹, Flat, JSON², ORC, Parquet |
| Informatica encryption | Binary¹, Flat |

¹ Doesn't apply to mappings in advanced mode.
² Applies only to mappings in advanced mode.

Rules and guidelines for data encryption in Amazon S3 V2 targets
Consider the following rules and guidelines when you configure data encryption in Amazon S3 V2 targets:
  • When you use Informatica encryption in a mapping, the _SUCCESS file is not generated in the target directory for mappings in advanced mode.
  • When you use Informatica encryption in a mapping, you cannot encrypt more than 1000 files.
To understand how to enable Informatica encryption in the AWS console and Data Integration, see Configuring Informatica Encryption for Mappings in Advanced Mode in Amazon S3 V2 Connector.
For information about the Amazon S3 client encryption policy, see the Amazon S3 documentation.
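
The rules on this page can be checked before a mapping is deployed. The following Python sketch is an added example, not Informatica code: it tests a planned target configuration against the key-exclusivity rule, the file type table, the 256-bit Base64 key format, and the KMS region requirement. The function name check_target and its parameters are hypothetical, and the customer master key is assumed to be supplied as a full ARN so that its region can be read.

```python
import base64
import binascii

# Support matrix from the table above: encryption type -> {file type: mode}.
# "std" = not in advanced mode (footnote 1), "adv" = advanced mode only
# (footnote 2), "any" = no footnote.
_SSE = {"Avro": "any", "Binary": "std", "Delta": "std", "Flat": "any",
        "JSON": "adv", "ORC": "any", "Parquet": "any"}
_LOCAL = {"Binary": "std", "Flat": "any"}
SUPPORT = {
    "Client Side Encryption": _LOCAL,
    "Server Side Encryption": _SSE,
    "Server Side Encryption with KMS": _SSE,
    "Informatica Encryption": _LOCAL,
}


def check_target(enc_type, file_type, advanced_mode, bucket_region,
                 master_symmetric_key=None, kms_key_arn=None):
    """Return a list of rule violations (hypothetical helper; empty = none)."""
    problems = []
    if master_symmetric_key and kms_key_arn:
        problems.append("master symmetric key and customer master key are both set")
    if enc_type != "None":
        mode = SUPPORT.get(enc_type, {}).get(file_type)
        if mode is None:
            problems.append(f"{enc_type} does not support {file_type} files")
        elif mode == "std" and advanced_mode:
            problems.append(f"{file_type} with {enc_type} does not apply in advanced mode")
        elif mode == "adv" and not advanced_mode:
            problems.append(f"{file_type} with {enc_type} applies only in advanced mode")
    if master_symmetric_key:
        try:
            raw = base64.b64decode(master_symmetric_key, validate=True)
        except (binascii.Error, ValueError):
            raw = b""
        if len(raw) != 32:  # a 256-bit AES key is exactly 32 bytes
            problems.append("master symmetric key is not a Base64-encoded 256-bit key")
    if enc_type == "Server Side Encryption with KMS" and kms_key_arn:
        # Assumption: ARN form arn:aws:kms:<region>:<account>:key/<id>
        parts = kms_key_arn.split(":")
        key_region = parts[3] if len(parts) >= 6 else None
        if key_region != bucket_region:
            problems.append(f"KMS key region {key_region} differs from bucket region {bucket_region}")
    return problems
```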
