Amazon S3 Out-of-Band Service
About the S3 gateway fields.
The fields for the Amazon S3 Gateway service are as seen in the following figure.
The following table describes the additional fields relevant for the Amazon S3 Gateway service.
| Field | Sub-Field | Description | Notes |
|---|---|---|---|
| Object Mapping | List of source and target objects that the service will use. | ||
| Source | Bucket path where data that needs to be protected is stored. For example, john.doe/incoming. | The DSG supports four levels of nested folders in an Amazon S3 bucket. | |
| Target | Bucket path where protected data is stored. For example, john.doe/outgoing . | ||
| Streaming | List of file processing delimiters to process file using streaming.Note: The Text, CSV, and Binary payloads are supported. If you want to use XML/JSON payload with HTTP streaming, ensure you use the Text payload for extract rule. | ||
| Filename | Regular Expression to look for in the file’s name and path before applying streaming (e.g. \.csv$) | ||
| Delimiter | Regular Expression used to delimit stream. Rules will be invoked on delimited streams. | If the delimiter value is not matched, then the data will be processed in non-streaming mode. | |
The options for the Outbound Transport Settings field in the Amazon S3 Gateway are described in the following table.
| Options | Description |
|---|---|
| SSECustomerAlgorithm | If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used. |
| SSECustomerKey | Constructs a new customer provided server-side encryption key. |
| SSECustomerKeyMD5 | If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key. |
| ServerSideEncryption | The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms). |
| StorageClass | Specifies constants that define Amazon S3 storage classes. |
| SSEKMSKeyId | Specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object. |
| ACL | Allows controlling the ownership of uploaded objects in an S3 bucket.For example, if ACL or Access Control List is set to “bucket-owner-full-control”, new objects uploaded by other AWS accounts are owned by the bucket owner. By default, the objects uploaded by other AWS accounts are owned by them. |
Feedback
Was this page helpful?