About

AWS S3 is a scalable object storage service that allows users to store and protect their data for virtually any use case, such as data lakes, cloud-native applications, and mobile apps.

Why You Should Integrate

Syncing asset data from Sevco to an S3 bucket will allow you to leverage the scalability, reliability, and security of AWS S3 to store, manage, and analyze data; this can enhance your security operations and compliance efforts.

How Does the Integration Work

This integration allows you to sync asset data in Sevco to an AWS S3 bucket.

During configuration, you can choose to sync User and/or Device asset data.
Once the integration is configured, it will sync all of the data associated with the asset type(s) you've selected to your S3 bucket.
After the initial setup, this integration will perform a differential sync every 24 hours.

⚠️
If you haven't already, please review our instructions for configuring the AWS integration before proceeding with the instructions below.

Configuration Options

Field	Description	Example
`Bucket Name` *	The name of the S3 Bucket Sevco Inventory will be syncing to	`sevco-inventory-sync`
`Key Prefix`	The S3 Bucket folder Sevco Inventory will be syncing to	`users/`
`Region`	The region containing the S3 instances to collect	`us-east-1`

External Documentation

Creating Credentials

See platform documentation for details on AWS - Creating credentials.

Required Permissions

Your IAM user (Access Key ID/Secret) or newly created role (AssumeRole) should use a permission policy with at least the following permissions:

AssumeRole

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:AbortMultipartUpload"
            ],
            "Resource": "<S3_BUCKET_ARN>/*" // Replace with your bucket arn
        }
    ]
}

AssumeRole with KMS key

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:AbortMultipartUpload"
            ],
            "Resource": "<S3_BUCKET_ARN>/*" // Replace with your bucket arn
        },
        {
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt",
                "kms:Encrypt",
                "kms:GenerateDataKey"
            ],
            "Resource": "<KMS_ARN>" // Replace with your KMS arn for custom KMS key
        }
    ]
}

Contact Us

If you're having problems configuring an Integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits link located in the upper right hand corner of the documentation.

Tags: <on-prem/cloud>,