Amazon S3 is a web service offered by Amazon Web Services, that provides scalable and highly flexible cloud storage through web services interfaces.
The Amazon S3 connector uses Amazon S3 REST API, version 2006-03-01.
How to connect to Amazon S3 on Workato
The Amazon S3 connector uses the AWS Signature Version 4 to authenticate to Amazon S3. There are 2 ways to connect: 1) Using Access Key 2) Using IAM role.
Connect to Amazon S3 using Access Key
This is the most simple way to connect to Amazon S3. To use this authentication method, you just need to provide the access key of an IAM User in your Amazon S3 system.
Workato will log in to your Amazon S3 as this IAM User to do automation. The IAM User should have enough permission, ideally List/Read/Write permission to specific buckets & folders.
Refer to Amazon documentation on how to create an IAM User.
Connect to Amazon S3 using IAM Role
If you prefer not to share your Amazon S3 access key, you can connect using IAM Role.
In this method, you will create an IAM Role for an external Workato's Amazon S3 account to access your Amazon S3. Learn more about IAM Role and granting access to third-party in this Amazon documentation.
Follow these steps to create the proper IAM Role for Workato:
- In Amazon S3, select
My Security Credentialsunder your username.
Another AWS Account. Input Workato's Amazon S3
Account ID(353360065216). Type in an
External IDand record this down, you will need it later to setup the Amazon S3 connector in Workato.
- Select a proper permission for Workato to run automation in your Amazon S3. At the mininum, Workato should have List/Read/Write access to specific buckets or folders. In this tutorial, we will select
- Give this IAM Role name & description.
- The IAM Role is now created. Open the role.
- Copy the
Role ARN. You will need it later to setup the Amazon S3 connector in Workato.
Working with Amazon S3 connector
The terminology for common Amazon S3 data can be found below.
Buckets are containers that hold objects. The geographical region where this bucket and its contents will be stored can be defined by the user.
An object consists of a file, and optionally any metadata describing that file.
Using the new file trigger
The new file trigger listens to new files uploaded into a specific Amazon S3 bucket. The trigger event contains only metadata about the file, however, such as file name and size. To retrieve content of the file, use the Download file action.
Exact, case sensitive names
When defining bucket and object by names in Amazon S3, take note that names should be exact and are case sensitive.