Amazon Simple Storage Service (Amazon S3) provides developers and IT teams with secure, durable, and highly-scalable cloud storage.
Setting Up IAM User in AWS
Before you connect to Grow, you need to obtain your Amazon S3 Access Key ID, Secret Access Key, and Bucket (optional).
Follow these steps to set up your IAM user in AWS:
- In Amazon, you’ll need to create an IAM user in your AWS account. You can find instructions here on their help documentation.
- When you create the new user, you will need to create credentials for this user, which includes an Access Key ID and a Secret Access Key. Copy these values into Grow.
Before you finish creating the user, you will only have one chance to view the Access Key ID and secret access keys. You can click “Download .csv” to save the file with the keys if you need to see it later. After you have passed this step, you will not be able to see the access keys again.
- Make sure that the new IAM User has Programmatic Access, as they will need to access the API.
- You’ll need to attach permissions to this IAM user. We recommend attaching the “S3ReadOnly” policy to the user, as this is usually the easiest. This document will walk you through attaching managed policies to an IAM user.
- If you know which bucket your IAM user needs access to, you are welcome to use our policy, which is below in the FAQ + Tips and Tricks section, to give the user access to the specific bucket. Additionally, you can check out Amazon's help articles for further documentation.
- While specifying a bucket is optional, if you know the bucket the IAM user needs access to, we recommend specifying it.
You can now connect your AWS database to Grow using these credentials.
Connecting to AWS
After you have created your IAM user in AWS, you can use those credentials to connect the data source to Grow. You will need Access Key ID, Secret Access Key, and Bucket (optional) information to create the data source connection.
Here are the steps to connect your Amazon S3 account to Grow:
Click on the Data tab at the top left of the global navigation. Then click on Connections in the Data Library section.
Click on the blue Connect button and search for Amazon S3.
Click on the Amazon S3 logo.
To connect your Amazon S3 account, you will need to enter your Connection Name, Access Key ID, Secret Access Key, and Bucket (which is optional).
For the Connection Name field, enter a name that you want Grow to remember. The name you enter is what your connection will be called after you press Submit.
Endpoints
Amazon S3 is an integration similar to FTP/SFTP in that it has no set endpoints. Instead, when you connect to Amazon S3, you will be able to pull in the folders and reports you have saved there. Any time your files in Amazon S3 are updated, Grow will automatically update the metrics built on them.
FAQs + Tips and Tricks
How can I make sure my data is secure?
We have several controls in place to keep your data safe. Check out our security article to see what steps you can take to keep your data safe.
How do I prepare my spreadsheets to use in Grow?
It's important to make sure your spreadsheets are formatted appropriately so you can easily use them in Grow. We strongly recommend you consult this help article for tips to prepare your spreadsheets.
How can I set permissions for a specific bucket?
If you want to isolate permissions to a specific bucket, you can create and attach this policy to your IAM user. Where it says YOUR_BUCKET_NAME_HERE, you would insert the name of the bucket.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": "arn:aws:s3:::YOUR_BUCKET_NAME_HERE/*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::YOUR_BUCKET_NAME_HERE"
}
]
}