The fields for the Amazon S3 Gateway service are as seen in the following figure.
The following table describes the additional fields relevant for the Amazon S3 Gateway service.
Field | Sub-Field | Description | Notes |
---|---|---|---|
Object Mapping | List of source and target objects that the service will use. | ||
Source | Bucket path where data that needs to be protected is stored. For example, john.doe/incoming . | The DSG supports four levels of nested folders in an Amazon S3 bucket. | |
Target | Bucket path where protected data is stored. For example, john.doe/outgoing . | ||
Streaming | List of file processing delimiters to process file using streaming.Note: The Text, CSV, and Binary payloads are supported. If you want to use XML/JSON payload with HTTP streaming, ensure you use the Text payload for extract rule. | ||
Filename | Regular Expression to look for in the file’s name and path before applying streaming (e.g. \.csv$) | ||
Delimiter | Regular Expression used to delimit stream. Rules will be invoked on delimited streams. | If the delimiter value is not matched, then the data will be processed in non-streaming mode. | |
The options for the Outbound Transport Settings field in the Amazon S3 Gateway are described in the following table.
Options | Description |
---|---|
SSECustomerAlgorithm | If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used. |
SSECustomerKey | Constructs a new customer provided server-side encryption key. |
SSECustomerKeyMD5 | If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key. |
ServerSideEncryption | The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms). |
StorageClass | Specifies constants that define Amazon S3 storage classes. |
SSEKMSKeyId | Specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object. |
ACL | Allows controlling the ownership of uploaded objects in an S3 bucket.For example, if ACL or Access Control List is set to “bucket-owner-full-control”, new objects uploaded by other AWS accounts are owned by the bucket owner. By default, the objects uploaded by other AWS accounts are owned by them. |