In Geovonic Connect, data sources provide connectivity to third-party business systems. The AWS S3 File data source allows you to fetch signed links to files on AWS S3 based on a folder structure.

For example, you might store files in AWS S3 with a naming convention such as properties/{{PROPERTY_ID}}/documents. This data source will find all the files contained in the matching documents folder and return links for the user to open.

Data Source Configuration

The AWS S3 file data source configuration requires a few fields to provide the file location and authentication credentials.

• AWS Region – the region where your S3 bucket is hosted (e.g. us-west-2).
• Bucket – the S3 bucket name.
• Access Key ID – access key for an IAM role with S3 GetObject permission.
• Secret Key – secret to match the access key.

It is important when configuring any integration service to follow the Principle of Least Privilege. Any credentials used for the AWS S3 bucket should only be able to access the minimum amount of information to meet the needs of your Geovonic Connect application. For example, do not provide the admin credentials for your AWS account as Geovonic Connect only needs to read from a single bucket. Best practice is to create a new user with the least required privileges.

Layer Link Configuration

The AWS S3 layer link configuration has a single field to describe the folder structure (aka path prefix) for indexing your documents.