You are here:
Set Up an Amazon Simple Storage Service File Location
Import and export files with Amazon Simple Storage Service (S3). Transferring files from Amazon S3 is faster than transferring them from the Enhanced FTP server that’s built in to Marketing Cloud Engagement. You can fine-tune access to buckets and folders, and manage data access with an AWS Access Key or IAM role.
To complete this task, you must have administrative permissions to view and manage file locations.
- From Marketing Cloud Engagement Setup, in the Quick Find box, enter file, and then select File Locations.
- Click Create.
-
Complete the information in the Properties section.
- For Name, enter a unique name that’s recognizable when creating an activity in Marketing Cloud Engagement.
- For External Key, enter a unique key that identifies the file location when using the API.
- For Description, enter details that help identify the file location when creating an activity in Marketing Cloud Engagement.
- For the location type, select Amazon Simple Storage Service.
-
Complete the location information.
- For Authorization Type, specify the authorization method used to grant Marketing Cloud Engagement access to the site. Choose either Access Key or Access Key with IAM Role.
-
For AWS Bucket Name, enter the name of your S3
bucket. To speed up large and time-sensitive file transfers, select
Accelerate endpoint enabled in AWS..
Note Separate the relative path from the bucket name. Don't use forward or back slashes in the name. - For AWS Relative Path, enter the relative location inside the bucket. Don't use a leading or trailing forward slash ("/") in your path.
- For Access Key ID, enter the AWS Access Key ID for authorization.
- For Secret Access Key, enter the AWS Secret Access Key for authorization.
- For Role ARN, specify the Amazon Resource Name (ARN) for the role that corresponds to this location, such as arn:aws:iam::123456789012:role/Role_Name.
- If you specify Access Key with IAM role, ensure that your Maximum Session Duration is set to 12 hours on the IAM Console.
- For Region Name, specify the AWS region where the S3 bucket is located, such as US-West (Oregon).
- Save the file location.
-
In AWS, grant the appropriate permissions for the user or role.
- To import data from Amazon S3, grant the s3:ListBucket, s3:GetObject, and s3:ListMultipartUploadParts permissions.
- To export data to Amazon S3, grant the s3:ListBucket and s3:PutObject permissions.
Sample AWS Policy
This code sample shows an AWS Identity and Access Management (IAM) policy that allows a user or role to export data to and import data from Amazon S3.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::northerntrail"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListMultipartUploadParts"
],
"Resource": [
"arn:aws:s3:::northerntrail/marketing/*"
]
}
]
}
Did this article solve your issue?
Let us know so we can improve!
