S3 Submission Retrieval Store

  • Updated on Nov 5, 2024
  • Published on Nov 5, 2024
  • 1 minute(s) read

Configuring Amazon S3 bucket permissions

The following permissions are required to use S3 for submission retrieval storage:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::BUCKET-NAME-TO-READ-SUBMISSIONS-FROM"
        },
        {
            "Sid": "",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::BUCKET-NAME-TO-READ-SUBMISSIONS-FROM/*"
        }
    ]
}

Configuring an Amazon S3 submission retrieval store

You can configure an Amazon S3 submission retrieval store in the Submission Initialization Block. To learn how, see the “Submission Initialization Block” section in the “Flow Blocks” article for your version of Hyperscience ( v35 | v36 | v37 | v38 | v39 | v40 ).

Authentication to S3 through AWS Identity and Access Management (IAM) roles is not supported in on-premise Kubernetes deployments or SaaS deployments of Hyperscience. For these deployment types, an AWS access key ID and secret are required to connect to S3.

In v32 and later, you can choose to store your system-level credentials in a secrets manager. To learn more about our secrets-management integration, see Secrets Management.