Table of Contents

Search

  1. Preface
  2. Introduction to Amazon S3 V2 Connector
  3. Connections for Amazon S3 V2
  4. Amazon S3 V2 sources and targets
  5. Mappings and mapping tasks with Amazon S3 V2
  6. Migrating a mapping
  7. Upgrading to Amazon S3 V2 Connector
  8. Data type reference
  9. Troubleshooting

Amazon S3 V2 Connector

Amazon S3 V2 Connector

IAM authentication

IAM authentication

You can configure IAM authentication when the Secure Agent runs on an Amazon Elastic Compute Cloud (EC2) system. If you have an EC2 instance, and do not want to specify the keys or use the IAM role ARN, then assign the minimum policy to the EC2 with access to the S3 bucket.
When you use a serverless runtime environment, you cannot configure IAM authentication.
If you do not provide the access key and the secret key in the connection, Amazon S3 V2 Connector uses AWS credentials provider chain that looks for credentials in the following order:
  1. The
    AWS_ACCESS_KEY_ID
    and
    AWS_SECRET_ACCESS_KEY
    or
    AWS_ACCESS_KEY
    and
    AWS_SECRET_KEY
    environment variables.
  2. The
    aws.accessKeyId
    and
    aws.secretKey
    java system properties.
  3. The credential profiles file at the default location,
    ~/.aws/credentials
    .
  4. The instance profile credentials delivered through the Amazon EC2 metadata service.
Perform the following steps to configure IAM authentication on EC2:
  1. Create a minimal Amazon IAM policy.
  2. Create the Amazon EC2 role. The Amazon EC2 role is used when you create an EC2 system. For more information about creating the Amazon EC2 role, see the AWS documentation.
  3. Link the minimal Amazon IAM policy with the Amazon EC2 role.
  4. Create an EC2 instance. Assign the Amazon EC2 role that you created in step #2 to the EC2 instance.
  5. Install the Secure Agent on the EC2 system.

0 COMMENTS

We’d like to hear from you!