Amazon Web Service Simple Storage Service

A new business process service that allows you to integrate with the Amazon Web Service Simple Storage Service (AWS S3) is introduced.

AWS S3 is an easy to use object storage, with a simple web service interface to store and retrieve any amount of data from anywhere on the web. With this, you pay only for the storage you actually use. There is no minimum fee and no setup cost.

AWS S3 offers the following advantages:

Secure, durable, highly-scalable cloud based storage solution
Large amounts of data storage and retrieval
Event notification in case of upload or download
Interactive web-based UI console

AWS S3 client service now allows temporary IAM role credentials for the business process services.

AWS Security Token Service (AWS STS) can be used to create and provide trusted users with temporary security credentials. Temporary credentials are useful in scenarios that involve identity federation, delegation, cross-account access, and IAM roles. Temporary security credentials are short-term. So you do not have to rotate them or explicitly revoke them when they're no longer needed. For more information, see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html.

After integrating AWS S3 with Sterling B2B Integrator, it creates a seamless connectivity to the cloud storage environment hosted by Amazon. This is a scalable, reliable, and portable storage solution. You can easily perform operations such as get, put, delete files and many more.

You can perform these operations using the AWS S3 client services:

create a directory on AWS S3
delete a file or a directory on AWS S3
retrieve a specific file (using specific filename) from AWS S3
put a specific file from mailbox or file system to AWS S3
retrieve or put files based on wildcard
obscure access key and secret key
list the files
retrieve the list of files
connect to a specific AWS S3 endpoint

Note:

From v6.0.2 or later, the AWS S3 client service supports multipart object upload and download to AWS S3 from Sterling B2B Integrator.
From v6.0.1 onward, proxy support for AWS S3 is introduced. For more information, see Proxy support for AWS S3.
From v6.1.2.2 onward, the AWS S3 client service allow you to configure temporary security credentials. Temporary security credentials consists of accesskey, secretAccesKey, and sessionToken. You can use following business process parameters to pass temporary credentials:
```
<assign to="awss3.accesskey">dummyaccesskey</assign>
<assign to="awss3.secretkey">dummysecretkey</assign>
<assign to="awss3.sessiontoken">dummysecretkey</assign>
```

Important: Sterling B2B Integrator does not generate temporary credentials (access_key, secret_key, session_token). You can use AWS Security Token Service (AWS STS) REST API or command line option to request temporary credentials. Temporary credentials are short lived. Hence, the AWSS3ClientForB2Bi Adapter UI does not allow you to add the session token parameter. For more information, see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html.

Important: AWS S3 uses the JVM truststore to verify the root certificate of S3 server. If the truststore does not contain the S3 root certificate, then the SSL communication fails. To ensure the SSL communication is successful, you must import the certificate manually in the runtime JVM truststore.

Configuring IAM role for AWS S3 Adapter

Create a policy for S3 from the AWS Management Console.
Assign the below permissions to the policy:
- ListBucket
- GetObject
- GetBucketPolicy
- DeleteObject
- PutObject
- DeleteBucketPolicy
- PutBucketPolicy
  Note: Sterling B2B Integrator requires only the permissions listed above for AWS S3 Business Processes.
In the Resources section, specify the ARN for the actions selected above.
- For bucket, specify the Amazon S3 bucket to allow access. For instance, if you want to allow access to the Amazon S3 bucket named example-bucket, then set the Amazon Resource Name (ARN) value to arn:aws:s3:::example-bucket.
- Choose Add ARN for object. For the Amazon S3 bucket, specify the Amazon S3 bucket to allow access. For the object, you can choose Any to grant permissions to any object in the bucket.
Review and create the policy. For more information, see https://docs.aws.amazon.com/AmazonS3/latest/userguide/user-policies.html.
Create a Role and select the S3 policy you created above.
Note: While creating an EC2 instance or any existing EC2 instance, you can specify the above created Role under Advanced Details.

Installing AWS SDK for Java on Sterling B2B Integrator Certified Container/Docker deployment

On the B2BI dashboard, select Customization > Customization and click the Click Here To Access link.
In the Customization log in screen, enter the user name and password and click Log in.
Click Custom Jar.
Click Create CustomJar.
Set the following parameters:
- Vendor Name - awssdk
- Vendor Version - <VERSION> (from the aws-java-sdk-<VERSION>.jar you downloaded earlier)
- File Type - LIBRARY
- Target Path - Every

Upload the files mentioned below:

Note: Create multiple custom jars using the same parameters as mentioned in step 5 above, along with each file mentioned below.

aws-java-sdk-[version].jar (Found in aws-java-sdk-[version]/lib)
httpclient-[version].jar, httpcore-[version].jar, jackson-annotations-[version].jar,  jackson-core-[version].jar, 
jackson-databind-[version].jar, joda-time-[version].jar, netty-*.jar (found in aws-java-sdk-[version]/third-party/lib)

Restart the ASI, AC, and API Pods. For Openshift and Kubernetes deployments, run the helm upgrade command to restart the pods. For Docker deployments, restart the container.

Installing AWS SDK for Java

You must download and install the AWS SDK for Java before performing any of the above operations.

Download AWS SDK for Java from this location - https://sdk-for-java.amazonwebservices.com/latest/aws-java-sdk.zip.
Go to aws-java-sdk[version]/lib and copy aws-java-sdk-[version].jar file to the server where Sterling B2B Integrator is installed.

Go to aws-java-sdk[version]/third-party/lib and copy these jar files to the server where Sterling B2B Integrator is installed.


httpclient-[version].jar
httpcore-[version].jar
jackson-annotations-[version].jar
jackson-core-[version].jar
jackson-databind-[version].jar
joda-time-[version].jar
netty-*.jar

Install the above jar files using install3rdParty.sh.
1. Stop Sterling B2B Integrator.
2. Go to ./install/bin and run install3rdParty.sh.
  ./install3rdParty.sh awssdk [aws version] -j <path>/[jar name].jar
  For example:
  ./install3rdParty.sh awssdk 1.11.401 -j <path>/aws-java-sdk-1.11.401.jar
  ./install3rdParty.sh awssdk 1.11.401 -j <path>/httpclient-4.5.2.jar
Edit install/properties/dynamicclasspath.cfg.in and move these entries to top of the file.
VENDOR_JAR=&INSTALL_DIR;/jar/awssdk/1.11.401/aws-java-sdk-1.11.401.jar
VENDOR_JAR=&INSTALL_DIR;/jar/awssdk/1.11.401/httpclient-4.5.2.jar
Note: In case of Certified Container, you need to copy the modified dynamicclasspath.cfg.in in config folder of the helm charts and do the helm upgrade.
Restart Sterling B2B Integrator.

Making AWS keys as optional for AWS S3

You can make the AWS keys as optional using the following options:

Add Access Keys and Secret Keys as part of environment variables
Add Access Keys and Secret Keys as part of credentials file
Allow EC2 instance to access S3 bucket using IAM roles
Add temporary security credentials (access keys, secret keys, and session tokens) as part of environment variables, a credentials file, or EC2 instance profile credentials

Note: For more information, see Working with AWS Credentials.

The AWS S3 service follows the priority sequence listed below to locate the AWS keys:

Credentials in business process
Credentials in S3 Adapter
Environment variables
Instance default credential profiles file
EC2 instance profile credentials

Note: It is not recommended to store Access Keys and Secret Keys as part of credentials file.

For more information on AWS Identity and Access Management (IAM) service, see Security best practices in IAM.

AWS S3 Client Service - Create Directory Operation

Description	This service is used to create a directory inside a given AWS S3 bucket.
Business usage	This service is used to create a specific directory on a given bucket dynamically using Sterling B2B Integrator and then you can use put/ get services to put/get files into that directory.
Parameters description	`action - mkdir awss3.foldername – Name of the directory to create awss3.bucketname – Name of S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to create a directory inside a given AWS S3 bucket.

Business usage

This service is used to create a specific directory on a given bucket dynamically using Sterling B2B Integrator and then you can use put/ get services to put/get files into that directory.

Parameters description


action - mkdir
awss3.foldername – Name of the directory to create
awss3.bucketname – Name of S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region    –  Region of S3 bucket. This is optional.
awss3.endpoint  –  Endpoint for S3. This is optional.

Implementing the AWS S3 Client - Create Directory Service

To implement the AWS S3 Client - Create Directory Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientCreate">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>mkdir</assign>
            <assign to="awss3.foldername">dummyfoldername</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
                <assign to="awss3.accesskey">dummyaccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Delete File Operation

Description	This service is used to delete a specific file inside a specific folder from a given AWS S3 bucket.
Business usage	This service is used to delete any unwanted file from a specific directory on a given bucket dynamically using Sterling B2B Integrator.
Parameters description	`action - delete awss3.filename – Name of the file to delete awss3.foldername – Name of the directory containing the file awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to delete a specific file inside a specific folder from a given AWS S3 bucket.

Business usage

This service is used to delete any unwanted file from a specific directory on a given bucket dynamically using Sterling B2B Integrator.

Parameters description


action - delete
awss3.filename –   Name of the file to delete
awss3.foldername – Name of the directory containing the file
awss3.bucketname – Name of the AWS S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region    –  Region of S3 bucket. This is optional.
awss3.endpoint  –  Endpoint for S3. This is optional.

Implementing the AWS S3 Client - Delete File Service

To implement the AWS S3 Client - Delete File Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientDeleteFile">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>delete</assign>
            <assign to="awss3.foldername">dummyfoldername</assign>
            <assign to="awss3.filename">dummyfilename</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
                <assign to="awss3.accesskey">dummyaccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Note:

To delete a file present in a specific directory, make sure to mention the awss3 foldername parameter with correct value. To delete a file under the bucket, mention the awss3 foldername parameter as /.

AWS S3 Client Service - Delete Directory Operation

Description	This service is used to delete a directory inside a given AWS S3 bucket.
Business usage	This service is used to delete a specific directory on a given bucket dynamically using Sterling B2B Integrator.
Parameters description	`action - delete awss3.foldername – Name of the directory to delete awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to delete a directory inside a given AWS S3 bucket.

Business usage

This service is used to delete a specific directory on a given bucket dynamically using Sterling B2B Integrator.

Parameters description


action - delete
awss3.foldername – Name of the directory to delete
awss3.bucketname – Name of the AWS S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region –     Region of S3 bucket. This is optional.
awss3.endpoint –   Endpoint for S3. This is optional.

Implementing the AWS S3 Client - Delete Directory Service

To implement the AWS S3 Client - Delete Directory Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientDeleteFolder">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>delete</assign>
            <assign to="awss3.foldername">dummyfoldername</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
                <assign to="awss3.accesskey">dummysccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Get A File Operation

Description	This service is used to retrieve a specific file from a given AWS S3 bucket.
Business usage	This service is used to retrieve a specific file from a given bucket dynamically using Sterling B2B Integrator.
Parameters description	`action - get awss3.filename – Name of the file to retrieve awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional. useOrigFileName - Retains the original file name and does not append the date/time stamp to the file name. This is optional.`
Properties	The following properties are included in the awss3.properties file: maxDownloadFileSizeBytes - Sets the maximum size of a downloaded file that can be placed into ProcessData. You write the file to disk and files that are beyond that limit has a PrimaryDocument created with a file name in the location of source.downloadloc set in the BP. The maxDownloadFileSizeBytes property is present in the awss3.properties.in file with a default value of 10000000 bytes (10 MB). If the property is not present in the awss3.properties file, the default is 10 MB. Sample value for 10 MB is 10485760.

Implementing the AWS S3 Client - Get A File Service

To implement the AWS S3 Client Get A File Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientGet">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>get</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.filename">dummyfilename</assign>
                <assign to="awss3.accesskey">dummyaccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
                <assign to="useOrigFileName">true</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Put a File from Mailbox to AWS S3

Description	This service is used to retrieve message from mailbox and put it on AWS S3 to a given AWS S3 bucket.
Business usage	This service is used to retrieve a message from mailbox and send it to AWS S3 on a given bucket dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - put mbx.messageid – Message ID from mailbox awss3.filename – Name of the file on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to retrieve message from mailbox and put it on AWS S3 to a given AWS S3 bucket.

Business usage

This service is used to retrieve a message from mailbox and send it to AWS S3 on a given bucket dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.

Parameters description


action - put
mbx.messageid –    Message ID from mailbox
awss3.filename –   Name of the file on AWS S3
awss3.bucketname – Name of the AWS S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region – Region of S3 bucket. This is optional.
awss3.endpoint – Endpoint for S3. This is optional.

Implementing the AWS S3 Client Put Service (Put a File from Mailbox to AWS S3)

To implement the AWS S3 Client Put Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientPUTFromMBXtoAWSS3">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>put</assign>
            <assign to='mbx.messageid'>dummymessageid</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.filename">dummyfilename</assign>
                <assign to="awss3.accesskey">dummyaccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Put a File from File System to AWS S3

Description	This service is used to retrieve the file from file system and put it on AWS S3 to a given AWS S3 bucket.
Business usage	This service is used to retrieve a file from file system and send it to AWS S3 on a given bucket dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - put source.path – File system path of the file awss3.filename – Name of the file on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to retrieve the file from file system and put it on AWS S3 to a given AWS S3 bucket.

Business usage

This service is used to retrieve a file from file system and send it to AWS S3 on a given bucket dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.

Parameters description


action - put
source.path      –  File system path of the file
awss3.filename   –  Name of the file on AWS S3
awss3.bucketname –  Name of the AWS S3 bucket
awss3.accesskey  –  Access key of the IAM user
awss3.secretkey  –  Secret key of the IAM user
awss3.region     –  Region of S3 bucket. This is optional.
awss3.endpoint   –  Endpoint for S3. This is optional.

Implementing the AWS S3 Client Put Service (Put a File from File System to AWS S3)

To implement the AWS S3 Client Put Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientPut">
  <sequence>
        <operation name="Extract File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>put</assign>
            <assign to='source.path'>dummysourcepath</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.filename">dummyfilename</assign>
                <assign to="awss3.accesskey">dummyaccesskey</assign>
                <assign to="awss3.secretkey">dummysecretkey</assign>
                <assign to="awss3.endpoint">dummyendpoint</assign>
                <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Note: To put a file in a specific folder in AWS S3, make sure to mention the full path containing the folder name in <assign to="awss3.filename">.

For example:

<assign to="awss3.filename">TestFolder/testfile.txt</assign>

AWS S3 Client Service - Put a Folder from File System to AWS S3

Description	This service is used to retrieve a folder from file system and put all the contents of directory on AWS S3 to a given AWS S3 bucket.
Business usage	This service is used to retrieve a folder from file system and send it to AWS S3 on a given bucket dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - put source.path – File system path of the folder awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Implementing the AWS S3 Client Put Service (Put a Folder from File System to AWS S3)

To implement the AWS S3 Client Put Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientPutDirectory">
  <sequence>
        <operation name=" Upload directory">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>put</assign>
            <assign to='source.path'>dummysourcepath</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	    <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Note: To put the directory contents in a specific folder in AWS S3, make sure to mention the value for folder name parameter in <assign to="awss3.foldername">dummyfoldername</assign>.

If you do not mention the folder name, all the files present in directory in the local file system are copied directly to the bucket in AWS S3.

AWS S3 Client Service - Get a Folder from AWS S3 to File System

Description	This service is used to retrieve folder from AWS S3 and put it on the file system.
Business usage	This service is used to retrieve a folder from AWS S3 and send it to the file system dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - get awss3.foldername – Folder path on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Implementing the AWS S3 Client Get Service (Get a Folder from AWS S3 to File System)

To implement the AWS S3 Client Get Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientGetDirectory">
  <sequence>
        <operation name="Extract directory">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>get</assign>
            <assign to="awss3.foldername">dummyfoldername</assign>            
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	     <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Get a List of files from AWS S3 to File System

Description	This service is used to retrieve list of files from AWS S3 and put it on file system.
Business usage	This service is used to retrieve a list of files from AWS S3 and send it to file system dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - get awss3.fileList – List of files on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Implementing the AWS S3 Client Get Service (Get a List of Files from AWS S3 to File System)

To implement the AWS S3 Client Get Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientGetFileList">
  <sequence>
        <operation name="Extract File List">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>get</assign>
            <assign to="awss3.fileList">dummyfilename1,dummyfilename2,dummyfilename3</assign>            
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	     <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Put a List of files from File System to AWS S3

Description	This service is used to put list of files from the file system on AWS S3.
Business usage	This service is used to retrieve a list of files from AWS S3 and send it to file system dynamically using Sterling B2B Integrator. You can then process this file using other AWS capabilities.
Parameters description	`action - get source.fileList – List of files on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Implementing the AWS S3 Client Put Service (Put a List of Files from File System to AWS S3)

To implement the AWS S3 Client Put Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientPutFileList">
  <sequence>
        <operation name="Extract File List">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>put</assign>
	     <assign to='source.path'>dummysourcepath</assign>
	     <assign to="awss3.fileList">dummyfilename1,dummyfilename2,dummyfilename3</assign>            
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	     <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Note: To put the list of files under a specific folder in AWS S3, mention the value for folder name parameter in

<assign to="awss3.foldername">dummyfoldername</assign>

AWS S3 Client Service - Get files based on pattern from AWS S3 to file system

Important: Make sure you have the list permission on the specified path to perform this operation. If you have list permission only to a specific sub-folder or sub-path, include the parameter s3.prefix in the Business Process.

Description	This service is used to get files based on pattern from AWS S3 to file system.
Business usage	This service is used to get files based on pattern from AWS S3 to file system dynamically using Sterling B2B Integrator.
Parameters description	`action – get awss3.filepattern – Pattern of files on AWS S3 awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to get files based on pattern from AWS S3 to file system.

Business usage

This service is used to get files based on pattern from AWS S3 to file system dynamically using Sterling B2B Integrator.

Parameters description


action            – get
awss3.filepattern – Pattern of files on AWS S3
awss3.bucketname  – Name of the AWS S3 bucket
awss3.accesskey   – Access key of the IAM user
awss3.secretkey   – Secret key of the IAM user
awss3.region      – Region of S3 bucket. This is optional.
awss3.endpoint    – Endpoint for S3. This is optional.

Implementing the AWS S3 Client Get Service (Get Files based on pattern from AWS S3 to file system)

To implement the AWS S3 Client Get Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientGetFilePatternList">
  <sequence>
        <operation name=" Extract File Pattern List">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>get</assign>
	     <assign to="awss3. filepattern">dummyfilepattern</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	     <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 prefixes (similar to folders) are included when matching the awss3.filepattern.
The awss3.filepattern must contain a valid regular expression supported by Java 8.

Example values of awss3.filepattern:

Assignment	Result
`<assign to="awss3.filepattern">.\/test.*[.]txt$</assign>`	All test*.txt objects
`<assign to="awss3.filepattern">test/support/activemq_.+</assign>`	All objects with prefixes test/support and starting with active_mq_
`<assign to="awss3.filepattern">test/support/.+</assign>`	All objects with prefixes test/support
`<assign to="s3.prefix">test/support</assign> <assign to="awss3.filepattern">.+</assign>`	This operation will list the specified prefix and apply the pattern match.

AWS S3 Client Service - Put files based on pattern from File System to AWS S3

Description	This service is used to put files based on pattern from file system on AWS S3.
Business usage	This service is used to put files based on pattern from file system on file AWS S3 dynamically using Sterling B2B Integrator.
Parameters description	`action – put source.path - File system path of the file source.filepattern – Pattern of files from file system awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to put files based on pattern from file system on AWS S3.

Business usage

This service is used to put files based on pattern from file system on file AWS S3 dynamically using Sterling B2B Integrator.

Parameters description


action –           put
source.path -      File system path of the file
source.filepattern – Pattern of files from file system
awss3.bucketname – Name of the AWS S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region –     Region of S3 bucket. This is optional.
awss3.endpoint –   Endpoint for S3. This is optional.

Implementing the AWS S3 Client Put Service (Put files based on pattern from File System to AWS S3 )

To implement the AWS S3 Client Put Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientPutFilePatternList">
  <sequence>
        <operation name=" Extract File Pattern List">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>put</assign>
	     <assign to='source.path'>dummysourcepath</assign>
	     <assign to="source.filepattern">dummyfilepattern</assign>
       <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	    <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Note: To put the list of files under a specific folder in AWS S3, mention the value for folder name parameter in

<assign to="awss3.foldername">dummyfoldername</assign>

AWS S3 Client Service - List files on AWS S3

Description	This service is used to list files on AWS S3.
Business usage	This service is used to list files on AWS S3 dynamically using Sterling B2B Integrator.
Parameters description	`action – list awss3.bucketname – Name of the AWS S3 bucket awss3.accesskey – Access key of the IAM user awss3.secretkey – Secret key of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service is used to list files on AWS S3.

Business usage

This service is used to list files on AWS S3 dynamically using Sterling B2B Integrator.

Parameters description


action – list
awss3.bucketname – Name of the AWS S3 bucket
awss3.accesskey –  Access key of the IAM user
awss3.secretkey –  Secret key of the IAM user
awss3.region –     Region of S3 bucket. This is optional.
awss3.endpoint –   Endpoint for S3. This is optional.

Implementing the AWS S3 Client List Service (List Files on AWS S3)

To implement the AWS S3 Client List Service, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientList">
  <sequence>
        <operation name="List File">
          <participant name='AWSS3Client'/>
          <output message='xout'>
            <assign to='action'>list</assign>
            <assign to="awss3.bucketname">dummybucketname</assign>
            <assign to="awss3.accesskey">dummyaccesskey</assign>
            <assign to="awss3.secretkey">dummysecretkey</assign>
	     <assign to="awss3.endpoint">dummyendpoint</assign>
            <assign to="awss3.region">dummyregion</assign>
            <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

AWS S3 Client Service - Obscuring Keys for AWS S3

Description	This service works with an obscured access key and a secret key, or temporary security credentials (access key, secret key, session token) on all AWS S3 operations.
Business usage	This service works with obscured access key and secret key on all AWS S3 operations dynamically using Sterling B2B Integrator.
Parameters description	`action – get/put/list/delete awss3.bucketname – Name of the AWS S3 bucket awss3.filename – File Name on AWS S3 bucket awss3.obscuredaccesskey – Obscured Access key of the IAM user awss3.obscuredsecretkey – Obscured Secret key of the IAM user awss3.obscuredsessiontoken - Obscured Session token of the IAM user awss3.region – Region of S3 bucket. This is optional. awss3.endpoint – Endpoint for S3. This is optional.`

Description

This service works with an obscured access key and a secret key, or temporary security credentials (access key, secret key, session token) on all AWS S3 operations.

Business usage

This service works with obscured access key and secret key on all AWS S3 operations dynamically using Sterling B2B Integrator.

Parameters description


action – get/put/list/delete
awss3.bucketname – Name of the AWS S3 bucket
awss3.filename – File Name on AWS S3 bucket
awss3.obscuredaccesskey –  Obscured Access key of the IAM user
awss3.obscuredsecretkey –  Obscured Secret key of the IAM user
awss3.obscuredsessiontoken - Obscured Session token of the IAM user
awss3.region – Region of S3 bucket. This is optional.
awss3.endpoint – Endpoint for S3. This is optional.

Implementing the AWS S3 Client Service with Obscuring keys (Obscuring Files on AWS S3)

To obscure key, run the below script and use the output in the BP. Go to ./install/bin and run obscure_passphrase.sh/obscure_passphrase.sh accesskey/secretkey.

To implement the AWS S3 Client Service with obscured keys, replace the dummy values with the actual values in the following BP:


<process name="AWSS3ClientGetWithObscuredKey ">
  <sequence>
        <operation name=" Extract File with obscured keys ">
          <participant name='AWSS3Client'/>
          <output message='xout'>
           <assign to='action'>get</assign>
           <assign to="awss3.bucketname">dummybucketname</assign>		    
           <assign to="awss3.filename">testplain.txt</assign>
           <assign to="awss3.obscuredaccesskey ">dummyobscuredaccesskey</assign>
           <assign to="awss3.obscuredsecretkey ">dummyobscuredsecretkey</assign>
           <assign to="awss3.obscuredsessiontoken ">dummyobscuredsessiontoken</assign> 
	    <assign to="awss3.endpoint">dummyendpoint</assign>
           <assign to="awss3.region">dummyregion</assign>
           <assign to='.' from='PrimaryDocument' />
          </output>
         <input message="xin">
           <assign to="." from="*"/>
         </input>
        </operation>
  </sequence>
</process>

Dell Elastic Cloud Storage (ECS) support

Dell ECS supports a subset of the Amazon S3 API.

You can import the certificates related to Dell ECS to the CA certificate store. To connect to Dell ECS Storage, you must configure these certificates as part of the AWSS3ClientForB2Bi Adapter. Additionally, you can add the appropriate Endpoint URL and Port for the connection.

The system supports all S3 operations when connecting to Dell ECS storage. For more information, see Amazon S3 API support in ECS.

Note: Dell ECS does not support Region. So, you must set the region as Standard while configuring the AWSS3ClientForB2Bi Adapter or the AWSS3 Business Processes for Dell ECS Storage.

Important:

You can specify the file storage location for S3 Get Service as Document Store and Filesystem in the adapter or Business Process. By default, files are stored in Document Store or Filesystem. If the files need to be stored only in Document Store, you can select Document Store option in the AWSS3ClientForB2Bi Adapter or add an entry in the Business Process as below.
```
<assign to="s3.fileStorage">DOCUMENT_STORE</assign>
```
You can upload the files to S3 bucket with Public Read access by specifying awss3.publicaccess in AWS Put BPs such as Put file, Put directory, Put File list, Put File Pattern list, and Put from Mailbox. The valid values for awss3.publicaccess are true and false.
While uploading the files to AWS S3 server with Public Read access, make sure that the AWS account also has Public_access permission granted, for the PUT file operation to be successful. If the AWS account does not have this (public_read access) permission and you try to PUT a file with parameter, the system displays an error message.
The Primary Document or document info link for the get file is available for files lesser than 2MB and unavailable for files greater than 2MB.

IBM Cloud Object Storage support

IBM Cloud Object Storage supports a subset of the S3 API for easy migration of applications to IBM Cloud.

You can add the bucket and its appropriate Endpoint URL for connection along with the Access Key and Secret key. Region is optional if the IBM Cloud Object Storage Endpoint URL has the region in it. All the S3 operations are supported when you connect to IBM Cloud Object Storage. For more information, see IBM Cloud Object Storage S3 API.