Amazon Web Services Connection
The Amazon Web Services Connection connects TrueContext to Amazon Web Services. This enables the use of the Amazon Glacier Data Destination, Amazon S3 Data Destination, Amazon SNS Data Destination, and Amazon S3 Data Source. This topic describes how to configure an Amazon Web Services Connection.
Available on the Enterprise tier only:
Contents
Configure the Connection
- Name the Connection and optionally provide a description.
- Select the FormSpaces that are allowed to use this connection.
TrueContext will only use the Amazon Web Services Connection if it's referenced in the Data Destination or Data Source configuration.
Enterprise and Cloud Connections A Connection is an integration point that's used to link a TrueContext Data Source or Data Destination to an external service to import or export data. Data Destinations and Data Sources that share the same external service can also share the same Connection. link to external services from which data sources Data sources, also known as "Lookups", are external sources of data that you upload or connect to TrueContext. You can reference this data in a form to populate answers or answer options. Data sources save typing, reduce errors, and make it easy to provide mobile users with only the relevant, most current data. can import data, and to which data destinations can route data. Read more about Connections here.
IAM permissions
To fetch data from or send data to Amazon Web Services, your AWS account must have specific IAM role permissions. The following table lists the permissions you need to set up each type of Data Source or Data Destination.
AWS Service | Permissions for Data Source | Permissions for Data Destination |
---|---|---|
S3 | s3:GetObject
|
s3:PutObject
|
SNS | Not applicable | sns:Publish
|
Glacier | Not applicable | glacier:UploadArchive
|
App Key and App Secret
These are credentials provided by Amazon Web Services.
Note:When you set up a Connection for an Amazon S3 Data Destination, you must create credentials under an IAM user. Give the IAM user write access to the bucket and key prefix that you set up for your destination.
In TrueContext, when you set up a Connection, you enter the account credentials for the third-party system. Once you save the Connection, it becomes available to TrueContext and other users for Data Source and Data Destination setup. This means that other TrueContext users on your team can fetch and access data available to the third-party user account.
Note:We recommend that you create a dedicated Integration User account for your third-party system and use that account to set up TrueContext Connections. Set up the Integration User with specific permissions and limited access to the third-party system data. This ensures that TrueContext Admin users and users with “Can Create” permissions can only access the data that they need.
To find these values:
- Login to your AWS account.
- Mouse over My Account/Console in the top right of the browser, and select Security Credentials.
- Expand the Access Keys tab.
- Select Create New Access Key
- Your AWSAccessKeyId and AWSSecretKey will be both shown on-screen and provided in a .csv file for you to download and save.
When configuring an AWS connection, the AWSAccessKeyId is the "App Key." The AWSSecretKey is the "App Secret."
Custom endpoint
A custom endpoint allows you to connect TrueContext to S3 compatible services. Only select this if you are using an S3 compatible service.