Configuring S3 for Bulk Delivery

Introduction

Regrid can deliver bulk data files to clients' AWS S3 Buckets with the steps outlined below. The client-provided S3 Bucket will be managed by Regrid's AWS delivery process and should be used for nothing other than accepting delivery of licensed data from Regrid.

All deliveries are a push process with older files being overwritten by new county files and outdated files being removed by Regrid.

Prerequisites

  • Familiarity with AWS S3 Buckets
  • Access to your organization's AWS Console or other tools to create and configure an S3 Bucket for delivery

Step-by-Step

  1. Log in to the AWS Console and view the S3 Service Dashboard
  2. On the S3 Dashboard, click the orange "Create bucket" button in the top right of the "Buckets" list
  3. Choose the name for the bucket. This is the name that will need to be put in the Permissions Policy JSON below
  4. Select a region for the bucket
  5. Leave "Block all public access" checked. Make sure it is checked if it is not
  6. Default Encryption settings can be left as default: 'Server-side encryption with Amazon S3 managed keys (SSE-S3)' and Bucket Key 'Enabled'
  7. Scroll to the bottom, no other options need adjustment
  8. Click "Create bucket" at the bottom of the screen. If your bucket is successfully created you will be returned to the main S3 Dashboard, and your new bucket will be in the "Buckets" list.
  9. Click your newly created bucket to configure the Permissions.
  10. Click on the 'Permissions' tab on your new bucket overview page
  11. Leave "Block all public access" checked. Make sure it is checked if it is not
  12. In the "Bucket policy" section, click on the "Edit" button.
  13. Copy and paste the Permissions Policy JSON below into the "Policy" text field. 
    {
  "Version": "2012-10-17",
  "Statement": [
   {
       "Sid": "Regrid Bucket Permissions",
       "Effect": "Allow",
       "Principal": {
           "AWS": "arn:aws:iam::384525388851:user/loveland-data-delivery"
       },
       "Action": "s3:*",
       "Resource": "arn:aws:s3:::replace_with_bucket_name"
   },
   {
       "Sid": "Regrid Object Permissions",
       "Effect": "Allow",
       "Principal": {
           "AWS": "arn:aws:iam::384525388851:user/loveland-data-delivery"
       },
       "Action": "s3:*",
       "Resource": "arn:aws:s3:::replace_with_bucket_name/*"
   }
  ]
}
  14. Make sure the placeholder text 'replace_with_bucket_name' has been replaced in the two (2) places it appears in the text above
  15. Click the "Save changes" button below the "Policy" box

Email tech@regrid.com with:

  1. Your bucket's name
  2. Your bucket's AWS Region
  3. The format or formats you would like delivered
In this section