Amazon S3 Connector

Manage objects and buckets in Amazon S3.

Connections

AWS Role ARN

Connect to AWS using an assumed role

AWS Assume Role authentication allows assuming an IAM role using temporary security credentials. This method is useful for cross account access or when implementing principle of least privilege.

Refer to the AWS documentation on assuming roles for detailed information.

Prerequisites

Completed API Key Secret connection setup (access key pair required)
Appropriate permissions to create IAM roles

Setup Steps

An IAM user with access keys is required to assume a role. If access keys have not been created, follow the API Key Secret setup steps first, then return here to create the IAM role.

Create an IAM Role with Trust Policy

From the IAM Console, navigate to Roles and select Create Role
Select Custom trust policy as the trusted entity type
Enter the trust policy below, replacing USER_ARN with the IAM user ARN:

View trust policy template

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "USER_ARN"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Click Next and attach the appropriate S3 permissions policy (e.g., AmazonS3FullAccess or AmazonS3ReadOnlyAccess)
Complete the remaining steps and select Create Role
Copy the Role ARN from the role summary (format: arn:aws:iam::123456789012:role/role-name)

Configure the Connection

Role ARN: The ARN of the IAM role to assume
Access Key ID: From the IAM user (see API Key Secret)
Secret Access Key: From the IAM user
External ID (optional): Shared secret for enhanced security

External ID

The External ID provides additional security for cross-account access. Refer to the AWS documentation for more information.

Verify Connection

The IAM user credentials assume the role, which provides temporary credentials with the role's attached permissions. Ensure the trust policy correctly references the IAM user ARN.

Input	Comments	Default
Role ARN	An AWS IAM Role ARN
Access Key ID	An AWS IAM Access Key ID
Secret Access Key	An AWS IAM Secret Access Key
External ID	Provides enhanced security measures to the connection. Optional, but recommended. Please check AWS docs for more information.

AWS S3 Access Key and Secret

Authenticates requests to AWS S3 using an API Key and Secret.

An AWS IAM access key pair is required to interact with Amazon S3. Ensure the key pair generated in AWS has proper permissions to the S3 resources to access. Read more about S3 IAM actions in the AWS documentation.

Prerequisites

An AWS account with IAM access
Appropriate permissions to create IAM access keys

Setup Steps

To create an IAM access key pair:

Sign in to the AWS Console and navigate to Identity and Access Management (IAM)
Select the IAM user that will be used for the integration
Navigate to the Security credentials tab
Under the Access keys section, select Create access key
Choose the appropriate use case (e.g., Third-party service or Application running outside AWS)
Copy both the Access key ID and Secret access key when displayed

Secret Key Visibility

The Secret access key is only shown once during creation. If it is not copied at this time, a new access key pair must be created.

Configure the Connection

Enter the Access key ID into the connection configuration
Enter the Secret access key into the connection configuration

Input	Comments	Default
Access Key ID	AWS IAM Access Key ID used for programmatic access. Create access keys in the AWS IAM Console under Security Credentials.
Secret Access Key	AWS IAM Secret Access Key paired with the Access Key ID. Important: This value is only shown once when created in the AWS IAM Console.

Triggers

New and Updated Files

Checks for new and updated files in a specified S3 bucket on a configured schedule.

Input	Comments	Default
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

New Buckets

Checks for new buckets on a configured schedule.

Input	Comments	Default
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

Webhook

Trigger to handle SNS subscription for S3 event notifications

Actions

Abort Multipart Upload

Abort a multipart upload

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Upload ID	The unique identifier for the multipart upload, returned by 'Create Multipart Upload' action.

Bucket SNS Event Trigger Configuration

Add events to send notifications to SNS Topic

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
SNS Topic ARN	The Amazon Resource Name (ARN) of the SNS topic. For more information, see SNS ARN Format.
Event Types	S3 event types that will trigger notifications. For more information, see S3 Event Notification Types.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Event Notification Name	A unique name for the event notification configuration.
Bucket Owner Account ID	The 12-digit AWS Account ID of the bucket owner. Find this in the AWS Console account settings or use the 'Get Current Account' action.

Complete Multipart Upload

Complete a multipart upload

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Upload ID	The unique identifier for the multipart upload, returned by 'Create Multipart Upload' action.
Parts	The list of uploaded parts to complete the multipart upload. Reference the 'Parts' field from the 'List Parts' action output.

Copy Object

Copy an object in S3 from one location to another

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Source Bucket Name	The source bucket containing the object to copy. For same-bucket copies, use the same name for both source and destination buckets.
Destination Bucket Name	The destination bucket where the object will be copied. For same-bucket copies, use the same name for both source and destination buckets.
Source Key	The source object's key (file path) to copy from. Do not include a leading /.
Destination Key	The destination object's key (file path) to copy to. Do not include a leading /.
ACL Permissions	Canned ACL permissions to apply to the object. For more information, see S3 Canned ACLs.

Create Multipart Upload

Create a multipart upload

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Object Tags	Key-value pairs to tag the object for filtering and organization. For more information, see S3 Object Tagging.
ACL Permissions	Canned ACL permissions to apply to the object. For more information, see S3 Canned ACLs.

Create SNS Topic For S3 Event Notification

Create an Amazon SNS Topic to be used with S3 Event Notifications

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Name	The name of the SNS topic to create.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

Delete Bucket

Deletes the S3 bucket. All objects in the bucket must be deleted before the bucket itself can be deleted

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

Delete Object

Delete an Object within an S3 Bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.

Delete Objects

Delete multiple objects from a bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Keys	A list of object keys to delete. These are the file paths of the objects you want to delete. Do not include a leading /.

Generate Presigned URL

Generate a presigned URL that can be used to upload or download an object in S3

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Action Type	Specifies whether the presigned URL will allow download or upload operations.	download
Expiration Seconds	Number of seconds until the presigned URL expires. Default is 3600 (1 hour).	3600

Generate Presigned URL for Multipart Uploads

Generate presigned URL's that can be used to upload or download an object in S3

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
URLs to Generate	The number of presigned URLs to generate for multipart uploads.	5
Upload ID	The unique identifier for the multipart upload, returned by 'Create Multipart Upload' action.
Expiration Seconds	Number of seconds until the presigned URL expires. Default is 3600 (1 hour).	3600

Get Bucket Location

Get the location (AWS region) of a bucket by name

Input	Comments	Default
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

Get Bucket Notification Configuration

Returns the notification configuration of a bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

Get Current Account

Get the current AWS account

Input	Comments	Default
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

Get Object

Get the contents of an object

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.

Get Object Attributes

Retrieves all the metadata from an object without returning the object itself

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Object Attributes	The object attributes to return in the response. Unspecified attributes are not returned.
Version ID	The version ID for the object whose metadata you want to retrieve.

Get Object Lock Configuration

Gets the Object Lock configuration for a bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

Get Object Retention

Retrieves an object's retention settings

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Version ID	The version ID for the object whose retention settings you want to retrieve.

Head Bucket

Determine if a bucket exists and if you have permission to access it

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

Head Object

Retrieve metadata from an object without returning the object itself

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.

List Buckets

List all buckets in an AWS account

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

List Multipart Uploads

Lists in-progress multipart uploads in a bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.

List Objects

List Objects in a Bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Prefix	List only objects prefixed with this string. For example, if you only want files in a directory called 'unprocessed', you can enter 'unprocessed/'. If this is left blank, all files in the selected bucket will be listed.
Max Keys	Maximum number of objects to return (1-1000). Defaults to 1000 if not specified.
Continuation Token	Pagination token returned by a previous request to retrieve the next page of results.
Include Metadata	When true, returns full object metadata and pagination information instead of just object keys.	false

List Parts

List parts of a multipart upload

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Upload ID	The unique identifier for the multipart upload, returned by 'Create Multipart Upload' action.

Put Bucket Notification Configuration

Replace an existing bucket notification configuration with a new one

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Topic Configurations	List of SNS topic configurations for bucket event notifications. For more information, see S3 Event Notifications.	`[ { "Id": "topic-1", "TopicArn": "arn:aws:sns:us-west-2:123456789012:mytopic", "Events": [ "s3:ObjectCreated:*" ], "Filter": { "Key": { "FilterRules": [ { "Name": "prefix", "Value": "images/" } ] } } } ]`
Queue Configurations	List of SQS queue configurations for bucket event notifications. For more information, see S3 Event Notifications.	`[ { "Id": "queue-1", "QueueArn": "arn:aws:sqs:us-west-2:123456789012:myqueue", "Events": [ "s3:ObjectCreated:*" ], "Filter": { "Key": { "FilterRules": [ { "Name": "prefix", "Value": "images/" } ] } } } ]`
Lambda Function Configurations	List of Lambda function configurations for bucket event notifications. For more information, see S3 Event Notifications.	`[ { "Id": "lambda-1", "LambdaFunctionArn": "arn:aws:lambda:us-west-2:123456789012:function:my-function", "Events": [ "s3:ObjectCreated:*" ], "Filter": { "Key": { "FilterRules": [ { "Name": "prefix", "Value": "images/" } ] } } } ]`
EventBridge Configuration	EventBridge configuration for bucket event notifications. For more information, see Using EventBridge with S3.	`{ "Id": "event-bridge-1", "EventBridgeArn": "arn:aws:eventbridge:us-west-2:123456789012:myeventbridge", "Events": [ "s3:ObjectCreated:*" ], "Filter": { "Key": { "FilterRules": [ { "Name": "prefix", "Value": "images/" } ] } } }`

Put Object

Write an object to S3

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
File Contents	The contents to write to the object. Accepts text strings or binary data (images, PDFs, etc.) from previous steps.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Object Tags	Key-value pairs to tag the object for filtering and organization. For more information, see S3 Object Tagging.
ACL Permissions	Canned ACL permissions to apply to the object. For more information, see S3 Canned ACLs.

Put Object Lock Configuration

Places an Object Lock configuration on the specified bucket

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Default Retention Mode	Object Lock retention mode for new objects. Must be used with either Default Retention Days or Years. For more information, see S3 Object Lock.
Default Retention Days	Number of days for the default retention period. Mutually exclusive with Default Retention Years.
Default Retention Years	Number of years for the default retention period. Mutually exclusive with Default Retention Days.

Put Object Retention

Places an Object Retention configuration on an object

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Retention Mode	Retention mode for the specified object. Required when Retain Until Date is set.
Retain Until Date	The date and time when Object Retention expires. Required when using Retention Mode. Must be in ISO 8601 format.
Version ID	The version ID of the object to apply retention configuration to. Required when versioning is enabled.

Subscribe to SNS Topic

Subscribe to an Amazon SNS Topic for S3 Event Notifications

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
SNS Topic ARN	The Amazon Resource Name (ARN) of the SNS topic. For more information, see SNS ARN Format.
Webhook Endpoint	The HTTPS endpoint URL that will receive S3 event notifications.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

Unsubscribe from a SNS Topic

Unsubscribe from an Amazon SNS Topic for S3 Event Notifications

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Subscription ARN	The Amazon Resource Name (ARN) of the SNS topic subscription.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.

Update SNS Topic Policy For S3 Event Notification

Update an Amazon SNS Topic Policy to grant S3 permission to publish

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
SNS Topic ARN	The Amazon Resource Name (ARN) of the SNS topic. For more information, see SNS ARN Format.
Bucket Owner Account ID	The 12-digit AWS Account ID of the bucket owner. Find this in the AWS Console account settings or use the 'Get Current Account' action.

Upload Part

Upload a chunk of a multipart file upload

Input	Comments	Default
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Upload ID	The unique identifier for the multipart upload, returned by 'Create Multipart Upload' action.
Part Number	The part number for this chunk in the multipart upload sequence (1-10,000).
File Chunk	The binary data chunk to upload as part of a multipart upload. Reference output from a previous step.

Upload Stream - Close Stream

Close an upload stream

Input	Comments	Default
Upload Stream ID	The ID of the upload stream to write to. Generate this with the 'Create Stream' action.

Upload Stream - Create Stream

Create an upload stream to S3

Input	Comments	Default
AWS Region	AWS provides services in multiple regions, like us-west-2 or eu-west-1.
Connection	The AWS S3 connection to use for authentication. Access keys provide programmatic access to AWS resources. Learn more.
Dynamic Access Key ID	Use this input to authenticate with AWS if you are using a dynamically-generated access key. Otherwise, use the connection to enter a static access key ID.
Dynamic Secret Access Key	Use this input to authenticate with AWS if you are using a dynamically-generated secret access key. Otherwise, use the connection to enter a static secret access key.
Dynamic Session Token	Use this input to authenticate with AWS if you are using a OPTIONAL dynamically-generated session token.
Object Key	An object in S3 is a file that is saved in a 'bucket'. This represents the object's key (file path). Do not include a leading /.
Bucket Name	An Amazon S3 'bucket' is a container where files are stored. You can create a bucket from within the AWS console. Bucket names contain only letters, numbers, and dashes.
Object Tags	Key-value pairs to tag the object for filtering and organization. For more information, see S3 Object Tagging.
ACL Permissions	Canned ACL permissions to apply to the object. For more information, see S3 Canned ACLs.

Upload Stream - Write Data

Write to an upload stream

Input	Comments	Default
Upload Stream ID	The ID of the upload stream to write to. Generate this with the 'Create Stream' action.
File Contents	The contents to write to the object. Accepts text strings or binary data (images, PDFs, etc.) from previous steps.

Connections​

AWS Role ARN​

Prerequisites​

Setup Steps​

Create an IAM Role with Trust Policy​

Configure the Connection​

Verify Connection​

AWS S3 Access Key and Secret​

Prerequisites​

Setup Steps​

Configure the Connection​

Triggers​

New and Updated Files​

New Buckets​

Webhook​

Actions​

Abort Multipart Upload​

Bucket SNS Event Trigger Configuration​

Complete Multipart Upload​

Copy Object​

Create Multipart Upload​

Create SNS Topic For S3 Event Notification​

Delete Bucket​

Delete Object​

Delete Objects​

Generate Presigned URL​

Generate Presigned URL for Multipart Uploads​

Get Bucket Location​

Get Bucket Notification Configuration​

Get Current Account​

Get Object​

Get Object Attributes​

Get Object Lock Configuration​

Get Object Retention​

Head Bucket​

Head Object​

List Buckets​

List Multipart Uploads​

List Objects​

List Parts​

Put Bucket Notification Configuration​

Put Object​

Put Object Lock Configuration​

Put Object Retention​

Subscribe to SNS Topic​

Unsubscribe from a SNS Topic​

Update SNS Topic Policy For S3 Event Notification​

Upload Part​

Upload Stream - Close Stream​

Upload Stream - Create Stream​

Upload Stream - Write Data​

Connections

AWS Role ARN

Prerequisites

Setup Steps

Create an IAM Role with Trust Policy

Configure the Connection

Verify Connection

AWS S3 Access Key and Secret

Prerequisites

Setup Steps

Configure the Connection

Triggers

New and Updated Files

New Buckets

Webhook

Actions

Abort Multipart Upload

Bucket SNS Event Trigger Configuration

Complete Multipart Upload

Copy Object

Create Multipart Upload

Create SNS Topic For S3 Event Notification

Delete Bucket

Delete Object

Delete Objects

Generate Presigned URL

Generate Presigned URL for Multipart Uploads

Get Bucket Location

Get Bucket Notification Configuration

Get Current Account

Get Object

Get Object Attributes

Get Object Lock Configuration

Get Object Retention

Head Bucket

Head Object

List Buckets

List Multipart Uploads

List Objects

List Parts

Put Bucket Notification Configuration

Put Object

Put Object Lock Configuration

Put Object Retention

Subscribe to SNS Topic

Unsubscribe from a SNS Topic

Update SNS Topic Policy For S3 Event Notification

Upload Part

Upload Stream - Close Stream

Upload Stream - Create Stream

Upload Stream - Write Data