Allowing Xplenty access to data on Amazon S3

To enable Xplenty access to your S3 data, you need to perform the following steps:
  1. In AWS's IAM (Identity and Access Management) module, create a user account for working with Xplenty.
  2. In IAM, save the user account's security credentials for later use when defining a connection in Xplenty.
  3. In IAM, attach a user policy (provided by Xplenty) to the newly-created user account.
  4. In Xplenty, create a connection using the IAM security credentials you saved previously.
Each of these steps are detailed below.

Note: To enable Xplenty to operate with S3:

  • never use an underscore in an S3 bucket name.
  • never end an S3 bucket name with a dash.
Watch this short video tutorial or read below for textual instructions:

To create a user account in IAM

  1. Log into the AWS Management Console.
  2. Click Identity & Access Management (also known as IAM).

  3. On the left navigation bar, click Users.
  4. Click Create New Users.

  5. Enter a user name, such as Xplenty, and make sure the check box Generate an access key for each User is selected.

  6. Click Create. A user account with security credentials is created.

To save user security credentials

  1. Click Show User Security Credentials.

  2. Make sure that the Access Key Id and the Secret Access Key do not contain slashes.

    Note: If either key contains a slash, Click Close, then click Close Window, and proceed to To create new security credentials for a user below.
  3. Click Download Credentials and save the credentials.csv file for later when you will need to configure Xplenty to work with S3.

  4. Click Close Window.

Creating new security credentials for a user

Note: Perform this step if in the procedure To save user security credentials above, any of the user account security credential keys contain a slash, or if you cannot find the credentials.csv file you saved.

  1. In the list of users, click the user you created for working with Xplenty, then scroll down to Security Credentials , and then click Manage Access Keys.

  2. Click Delete and click OK.

  3. Click Create Access Key.
  4. Continue from Step 1 in To save user security credentials above.

To attach an Xplenty user policy to the IAM user account

  1. In the list of users, click the user you created for working with Xplenty, then scroll down to Permissions.
  2. Click Attach User Policy.

  3. Click Custom Policy, then click Select.

  4. Type a name for the policy, such as Xplenty.
    Note: Policy Name must contain only alphanumeric characters and/or the following: +=,.@-
  5. For read-only buckets, copy the following policy and replace "your-bucket" with your bucket name:
    {
      "Version" : "2012-10-17",
      "Statement": [
        {
          "Action": [
            "s3:ListBucket"
          ],
          "Effect": "Allow",
          "Resource": [
            "arn:aws:s3:::your-bucket"
          ]
        },
        {
          "Action": [
            "s3:GetObject"
          ],
          "Effect": "Allow",
          "Resource": [
            "arn:aws:s3:::your-bucket/*"
          ]
        }
      ]
    }
  6. For read-write buckets, copy the following policy and replace "your-bucket" with your bucket name:
    {
      "Version" : "2012-10-17",
      "Statement": [
       {
                "Action": [
                    "s3:ListBucket",
                    "s3:GetBucketAcl"
                ],
                "Effect": "Allow",
                "Resource": [
                    "arn:aws:s3:::your-bucket"
                ]
            },
            {
                "Action": [
                    "s3:GetObject",
                    "s3:GetObjectAcl",
                    "s3:DeleteObject",
                    "s3:PutObject"
                ],
                "Effect": "Allow",
                "Resource": [
                    "arn:aws:s3:::your-bucket/*"
                ]
            }
      ]
    }


  7. Click Apply Policy.

For more information, refer to AWS IAM documentation on the web

To define a connection in Xplenty to Amazon S3

  1. Click your avatar, then click Account settings.
  2. Click Connections, then click new cloud storage connection and click Amazon S3.
  3. Type a name for the connection, then from the credentials.csv file you previously saved in To save user security credentials above, copy the Access key id and Secret access key into the respective fields.
  4. If the S3 buckets reside in a region that requires AWS Signature v4, fill in the region for the connection. See region list here.
  5. Click test connection. If the credentials are correct, a message that the cloud storage connection test was successful appears.
  6. Click create amazon s3 connection.
  7. The connection is created and appears in the list of cloud storage connections.
  8. Now you can create a package and test it on your actual data stored in S3.

Feedback and Knowledge Base