Question
Why do I see an S3 permission access error when I try to export to a S3 location
Example of API
https://<environment>.reltio.com/jobs/export/<tenant_id>/activities?filter=(gt(timestamp,<value>))&s3Path=<path>filter=(gt(timestamp,<value>)): Filters the activity logs to include only those entries where the timestamp is greater than the specified value. The timestamp should be in milliseconds since the Unix epoch.
s3Path=<path>: Specifies the path within the S3 bucket where the exported data will be stored. This parameter is used when directing the export output to a custom S3 location.
Error returned
S3 Service error: Can't check that object exists on s3: bucket['<bucket>'], key['relto/part-00000.zip']. com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: AN18G1S6DBD0STVE; S3 Extended Request ID:
Answer
- DISABLE any KMS encryptionsand do not use it in an export request
- Do a successful export with step 1, and ONLY AFTER that, try to add KMS into your export logic.
References
Please search the following article from the Reltio documentation
- Encrypt your tenant with Reltio Shield
- Exporting Activity Log Data
Comments
Please sign in to leave a comment.