Amazon S3 is a web service offered by Amazon Web Services, that provides scalable and highly flexible cloud storage through web services interfaces.
The Amazon S3 connector uses Amazon S3 REST API, version 2006-03-01.
How to connect to Amazon S3 on Workato
The Amazon S3 connector uses the AWS Signature Version 4 to authenticate to Amazon S3. There are 2 ways to connect: 1) Using Access Key 2) Using IAM role.
Connect to Amazon S3 using Access Key
This is the simplest way to connect to Amazon S3. To use this authentication method, you just need to provide the access key of an IAM User in your Amazon S3 system.
Workato perform operations in your Amazon S3 as this IAM User. To use the full set of triggers and actions, the IAM User should have List/Read/Write permission to specific buckets & folders.
Refer to Amazon documentation to learn how to create an IAM User.
Connect to Amazon S3 using IAM Role
If you prefer not to share your Amazon S3 access key, you can connect using IAM Role.
In this method, you will create an IAM Role for an external Workato's Amazon S3 account to access your Amazon S3. Learn more about IAM Role and granting access to third-party in this Amazon documentation.
Follow these steps to create the proper IAM Role for Workato:
- In Amazon S3, select
My Security Credentialsunder your username.
Another AWS Account. Input Workato's Amazon S3
Account ID(353360065216). Use a meaningful
External IDand record this down, you will need to use this in the connection setting when creating an Amazon S3 connection in Workato.
- Select a proper permission for Workato to run automation in your Amazon S3. At the mininum, Workato should have List/Read/Write access to specific buckets or folders. In this tutorial, we will select
- Give this IAM Role an appropriate name & description.
- The IAM Role is now created. Select the role.
- Copy the
Role ARN. You will need to use this in the connection setting when creating an Amazon S3 connection in Workato.
Working with Amazon S3 connector
The terminology for common Amazon S3 data can be found below.
Buckets are containers that hold objects. The geographical region where this bucket and its contents will be stored can be defined by the user.
An object consists of a file, and optionally any metadata describing that file.
Using the new file trigger
The new file trigger listens to new files uploaded into a specific Amazon S3 bucket. The trigger event contains only metadata about the file, however, such as file name and size. To retrieve content of the file, use the Download file action.
Exact, case sensitive names
When defining bucket and object by names in Amazon S3, take note that names should be exact and are case sensitive.