Data Delivery Access Keys
AWS (for S3)

AWS Access Keys

Prerequisites

To enable your DataPostie instance to deliver data to your data consumers' S3 buckets, you first need:

  • An AWS user with permissions to get their own IAM details - see below for more detail
  • Access to an access key associated with this AWS user

Required policy for AWS access key

If you do not have a policy which allows an AWS user to get their own IAM details, you can create one with the following JSON, replacing YOUR_AWS_ACCOUNT_ID with your numeric AWS account ID (without hyphens):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "iam:GetUser",
            "Resource": "arn:aws:iam::YOUR_AWS_ACCOUNT_ID:user/${aws:username}"
        }
    ]
}
If your instance is hosted on AWS, it may be easier to request the service account User Resource from the DataPostie team. In this case, you do not need an AWS Access Key, which is preferred.

Create your AWS access key for S3 delivery

Enter the following details:

  • Specify an access key name
  • Select AWS IAM Access Key as your access key type
  • Under Private Key, enter your access key ID
  • Under Secret, enter your access key secret

You can leave the rest of the fields blank.

DataPostie will check that it can access the access key's public ARN before uploading the key.

Add an AWS Access Key for S3 delivery
Data Delivery Access KeysGoogle Cloud Service Account (for GCS)