How to Onboard data using AWS Bucket Sync to INCRMNTAL

This article explains how to enable and onboard raw or aggregated data to INCRMNTAL using Amazon AWS Bucket Sync

There are two options for sharing data with INCRMNTAL via AWS. As our partner, you can choose whichever method suits you best. 

  • Allowing INCRMNTAL to read from a bucket created.
  • Data transfer by the client to a bucket created by INCRMNTAL (Not Recommended)

Allowing INCRMNTAL to Read from a Bucket Created

Option A: Providing INCRMNTAL AWS IAM credentials to access your bucket

1. Create an IAM limited access user credentials for INCRMNTAL in your AWS account

The IAM user permissions should include: "s3:ListBucket" and "s3:GetObject"

Instructions to creating an IAM user with AWS can be found here.

2. Share the IAM user AWS Access Key, Secret Key, and bucket name with us via onboarding@incrmntal.com

 

Option B: Providing INCRMNTAL account access 

  1. The steps required for granting INCRMNTAL access to your bucket are outlined below (for a more detailed description please go to the AWS example walkthrough page)
  2. Your AWS administrator attaches a bucket policy, granting cross-account permission to INCRMNTAL to perform specific bucket operation.

    INCRMNTAL grants permission to its users and verifies that the objects in the client’s bucket are accessible.

    Note: Your administrator will need the INCRMNTAL Account ID

    Contact onboarding@incrmntal.com to get the Account ID

    Example of a Bucket Policy (Read only permission)

    {

          "Version": "2012-10-17", 

          "Statement": [

          {

                 "Sid": "Example permissions", 

                 "Effect": "Allow",

                 "Principal": {

                        "AWS": "arn:aws::iam:[INCRMNTAL_ACCOUNT_ID]:root" 

                  },

                   "Action": [ 

                            "s3:ListBucket", 

                            "s3:GetObject"

                   ], 

                   "Resource": [

                             "arn:aws:s3:::BUCKET_NAME/*",

                             "arn:aws:s3:::BUCKET_NAME" 

                   ]

             }

         ]

    }

     

    Data Transfer to a Bucket Created by INCRMNTAL

    (Not Recommended)

    Option A: INCRMNTAL provides access to your company AWS account

    1. Provide your INCRMNTAL POC with your 12 digit AWS Account ID 
    2. INCRMNTAL will setup a bucket policy so that you can copy data directly into this bucket
    3. Copy data into the bucket

    Note: When copying data please add the following option to the copy comment: --acl bucket-owner-full-control

    This will ensure INCRMNTAL has access to the copied files when are copied or moved between buckets

     

    Option B: INCRMNTAL provides a AWS IAM user 

    If this is the option of integration you prefer, please contact us at onboarding@incrmntal.com and we will provide you with with a IAM user AWS Access Key, Secret Key, and bucket name



    For any question please contact onboarding@incrmntal.com , or open a support Ticket here