We just raised $142 million in our Series D Round! Read About Our Plans for the Future

Connect S3 Archive Connect S3 Archive

Last Updated: May. 03, 2022

Create an archive to store all your data as long as you need, on your own S3 bucket, for infinite retention. 

Configuration (recommended)

  1. Go to the Data Flow tab and click on Setup Archive.
  2. The buckets can be set up for each of the supported formats: CSV and CX-Data (BETA).

Add the Region code and Bucket name and Save.

Use the table below for the region name.

CodeName
us-east-1 US East (N. Virginia)US East (N. Virginia)
us-east-2 US East (Ohio)US East (Ohio)
us-west-1 US West (N. California)US West (N. California)
us-west-2 US West (Oregon)US West (Oregon)
ca-central-1Canada (Central)
eu-west-1Europe (Ireland)
eu-central-1Europe (Frankfurt)
eu-west-2Europe (London)
eu-north-1Europe (Stockholm)
ap-northeast-1Asia Pacific (Tokyo)
ap-northeast-2Asia Pacific (Seoul)
ap-southeast-1Asia Pacific (Singapore)
ap-southeast-2Asia Pacific (Sydney)
ap-south-1Asia Pacific (Mumbai)
sa-east-1South America (São Paulo)
  1. Under your AWS account in the search type S3.
  1. Find and click on the bucket you want to use for storing the archive.
  2. Navigate to the Permissions tab, next Bucket policy and click Edit.
  3. Paste the following code. Update the name of your bucket:
{
    "Version": "2012-10-17",
    "Id": "MyPolicyID",
    "Statement": [
        {
            "Sid": "MyStatementSid",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::625240141681:root"
            },
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::<bucket name>",
                "arn:aws:s3:::<bucket name>/*"
            ]
        }
    ]
}
  1. Click Save changes button.
  2. After you already added the bucket details in Coralogix (see step 1), all we need to do next is to validate our archive. Click on Validate Settings to make sure you have succeeded setting your archive.

Note: In case data on your bucket need to be encrypted then create KMS key and add the bold line (it might be needed to create “AWS” array as at the example)

{
    "Version": "2012-10-17",
    "Id": "key-consolepolicy-3",
    "Statement": [
        {
            "Sid": "Enable IAM User Permissions",
            "Effect": "Allow",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::625240141681:root",
                    "arn:aws:iam::<your user>:root"
                ]
            },
            "Action": "kms:*",
            "Resource": "*"
        }
    ]
}

Legacy configuration with ACLs

1. Go to the Data Flow tab and click on Setup Archive.

Add the Region code and Bucket name and Save.

Use the table below for the region name.

2. Under your AWS account in the search type S3.

3. Navigate to the Permissions and click Edit.

4. In Block public access (bucket settings) click ‘Edit’. Uncheck Block all public access and then check all bottom three options, leaving only Block public access to buckets and objects granted through new access control lists (ACLs) unchecked. Click Save changes.

5. Scroll back down to the Object Ownership section and click the Edit button. Make sure ACLs enabled, and Object writer are selected, then click Save changes:

6. Still Under Permissions scroll down to Access control list (ACL) and click Edit.

7. Click on Add grantee and Insert Coralogix canonical id: fa35ef450b07d311b09810445df9c1c4a316118d1899e4cd3db935414e4ba62d. Check the Write Objects checkbox to give Coralogix write objects permissions and click Save changes.

8. In order to use Coralogix’s advanced Archive query feature, check the List Objects and Read Bucket ACL options. Click Save changes.

Read/write permissions on  the bucket are mandatory  for direct  Archive Query to work.

9. After we already added the bucket details in Coralogix (see step 1), all we need to do next is to validate our archive. Click on Validate Settings to make sure you have Succedded setting your archive.

Note:
If encryption with AWS Key Management Service key (SSE-KMS) is enabled on your S3 bucket, then it is required to add “arn:aws:iam::625240141681:root” to your key policy. Example:

{
    "Version": "2012-10-17",
    "Id": "key-consolepolicy-3",
    "Statement": [
        {
            "Sid": "Enable IAM User Permissions",
            "Effect": "Allow",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::625240141681:root",
                    "arn:aws:iam::123456789012:root"
                ]
            },
            "Action": "kms:*",
            "Resource": "*"
        }
    ]
}

Now you are all set! 

On this page