Bulk Data Access using AWS S3
To facilitate your access to bulk or sample data via Amazon S3, we offer three primary integration methods.
For all new customers and trial users, our standard process involves hosting your data in a dedicated, secure AWS bucket managed by our team. To ensure system hygiene, sample data is typically retained for 90 days, while empty buckets are decommissioned after 7 days.
Connection Methods
You may choose the method that best aligns with your internal security and workflow requirements:
Managed API Credentials
We provide a read-only API Key and Secret generated from our account. This is the fastest and most straightforward setup, though it may lack some advanced cross-account integration features. To select this option, send us the authorized email address and, optionally, an SMS-, MMS-, or RCS-capable phone number to which we can send the credentials.
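As an illustration of how such credentials might be used, here is a minimal Python sketch. It assumes the Key and Secret correspond to a standard AWS access key ID and secret access key, that they are exported as the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, and that the third-party boto3 package is installed. The bucket name, prefix, and file paths are placeholders, not values we issue.

```python
import os


def keys_from_pages(pages):
    """Yield object keys from an iterable of ListObjectsV2 response pages."""
    for page in pages:
        # Pages for an empty listing have no "Contents" entry.
        for obj in page.get("Contents", []):
            yield obj["Key"]


def make_client():
    """Build an S3 client from credentials held in environment variables."""
    # boto3 is third-party (pip install boto3); it is imported lazily so the
    # pure helper above can be used without it.
    import boto3

    return boto3.client(
        "s3",
        aws_access_key_id=os.environ["AWS_ACCESS_KEY_ID"],
        aws_secret_access_key=os.environ["AWS_SECRET_ACCESS_KEY"],
    )


def list_bucket_keys(bucket, prefix=""):
    """List every key under a prefix (uses the s3:ListBucket permission)."""
    paginator = make_client().get_paginator("list_objects_v2")
    return list(keys_from_pages(paginator.paginate(Bucket=bucket, Prefix=prefix)))


def download(bucket, key, destination):
    """Download one object to a local path (uses the s3:GetObject permission)."""
    make_client().download_file(bucket, key, destination)


# Hypothetical usage; "example-data-bucket" is a placeholder name:
#   for key in list_bucket_keys("example-data-bucket", prefix="samples/"):
#       print(key)
#   download("example-data-bucket", "samples/file.csv", "file.csv")
```

Keeping the credentials in environment variables rather than in source code reduces the chance of committing them to version control by accident.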
Account Delegation
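If you provide your AWS account ID (your 12-digit account number), we can delegate read access to your account's root principal. In AWS, a grant to this principal delegates access to the account as a whole rather than to a single login, so your administrators can manage and re-delegate permissions internally as needed.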
IAM Role Assumption
If you prefer to manage access through an existing IAM Role, provide us with the Role ARN, which you can find in the IAM section of the AWS Console. We will then delegate the necessary read permissions directly to that role.
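Before sending a Role ARN, it can help to confirm that it is well formed. The following Python sketch is a loose format check only; the function name and the example ARN are hypothetical, and the pattern reflects the general shape of IAM role ARNs (partition, 12-digit account ID, optional path, role name) rather than any validation we perform on our side.

```python
import re

# Loose pattern for an IAM role ARN: arn:<partition>:iam::<account-id>:role/<path/name>
ROLE_ARN_RE = re.compile(
    r"arn:(aws|aws-cn|aws-us-gov):iam::(\d{12}):role/([\w+=,.@/-]+)",
    re.ASCII,
)


def parse_role_arn(arn):
    """Split a role ARN into its parts, or raise ValueError if it looks malformed."""
    match = ROLE_ARN_RE.fullmatch(arn.strip())
    if match is None:
        raise ValueError(f"not a recognizable IAM role ARN: {arn!r}")
    partition, account_id, role = match.groups()
    return {"partition": partition, "account_id": account_id, "role": role}


# Example with a placeholder account ID and role name:
#   parse_role_arn("arn:aws:iam::123456789012:role/DataReader")
```

A check like this catches common copy-and-paste mistakes, such as sending a user ARN or a bare role name, but it does not confirm that the role actually exists.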
Permission Scopes
To maintain a secure environment, we apply the principle of least privilege. Regardless of the connection method chosen, access is limited to the following three actions:
s3:ListBucket: To view the contents and file structure.
s3:GetBucketLocation: To identify the bucket's hosting region.
s3:GetObject: To retrieve the actual data files.
This configuration ensures you have the visibility and retrieval power needed to integrate the data into your own environment while maintaining a secure perimeter.
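To make the scope concrete, the Python sketch below builds a policy document of the general shape that grants these three actions. It is an illustration under stated assumptions, not the exact policy we apply: the bucket name, account ID, statement IDs, and function name are placeholders. It does reflect one AWS detail worth knowing: s3:ListBucket and s3:GetBucketLocation apply to the bucket itself, while s3:GetObject applies to the objects inside it.

```python
import json

BUCKET_ACTIONS = ["s3:ListBucket", "s3:GetBucketLocation"]  # act on the bucket
OBJECT_ACTIONS = ["s3:GetObject"]                           # act on objects in it


def read_only_policy(bucket, principal_arn):
    """Return a read-only bucket policy (as a dict) for one AWS principal."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "BucketLevelRead",
                "Effect": "Allow",
                "Principal": {"AWS": principal_arn},
                "Action": BUCKET_ACTIONS,
                "Resource": bucket_arn,
            },
            {
                "Sid": "ObjectLevelRead",
                "Effect": "Allow",
                "Principal": {"AWS": principal_arn},
                "Action": OBJECT_ACTIONS,
                "Resource": f"{bucket_arn}/*",
            },
        ],
    }


if __name__ == "__main__":
    # Placeholder values: an account root principal, as in Account Delegation.
    policy = read_only_policy("example-data-bucket", "arn:aws:iam::123456789012:root")
    print(json.dumps(policy, indent=2))
```

Passing a Role ARN instead of an account root ARN as the principal would correspond to the IAM Role Assumption method. Because no write or delete actions appear in the policy, requests such as uploads are denied by default.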