Important Nexla Help Center Update:
Nexla's Zendesk Help Center pages are being deprecated and will soon no longer be available.
Nexla Documentation is now the home for Nexla's User Guides, with improved formatting and categories that are easier to navigate, providing a better overall user experience.
Please update any bookmarks to the new Nexla Documentation site (docs.nexla.com/user-guides).
_______________________________________________
Introduction
Nexla supports ingesting Amazon S3 data sources. In order to allow Nexla access to a customer S3 bucket, a customer can simply enter their access key and secret key in the Nexla UI when setting up the data source. These AWS credentials are encrypted and stored safely in the Nexla database. If the customer would prefer for Nexla not to store their access and secret keys, they can provide S3 access to Nexla via an AWS ARN. This document describes steps to assign permissions to Nexla’s AWS account with an ARN.
Steps
1. Login to AWS Console using admin credentials
Login https://console.aws.amazon.com/console/home?region=<aws-region>
Navigate to Amazon S3.
https://console.aws.amazon.com/s3/home?region=us-east-1#
If your buckets are in a different region, please insert specific AWS region in the url above.
2. Create a bucket policy
Select the bucket and navigate to the Permissions tab.
Click on bucket policy.
Paste the following policy in the text box. This will give Nexla access to list the contents of the bucket and download files from the bucket. Please replace “exampleBucket” with the name of an actual bucket.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Example permissions",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::433433586750:root"
},
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:GetBucketLocation",
],
"Resource": [
"arn:aws:s3:::examplebucket"
]
}
]
}
If the use case needs Nexla to write data into S3 bucket, we would also need s3:putObject permissions.
The following screenshot shows the details.
Click on Save.
3. Notify Nexla
Please notify Nexla (support@nexla.com) about bucket policy change. Nexla will run quick tests to ensure correct permissions are assigned.
References
Bucket Owner Granting Cross-Account Bucket Permissions
Comments
0 comments
Article is closed for comments.