Amazon S3 Endpoint
Amazon S3 endpoints connect Eve to S3-compatible object storage for governed bucket and object operations.
Endpoint Kind
Use s3 as the endpoint kind when creating this endpoint through the API or dashboard.
What Eve Uses This Endpoint For
- List, read, and manage object-storage data through approved tools.
- Use object storage in migration, analytics, and document-processing workflows.
- Centralize S3 credential handling.
- Support custom endpoints such as LocalStack or compatible object stores.
Basic Endpoint Shape
json
{
"endpoint": "s3-data",
"kind": "s3",
"config": {
"read_conn": {
"provider": "AwsS3",
"region": "us-east-1",
"default_bucket": "analytics-data",
"access_key_id": "AKIA...",
"secret_access_key": "secret"
}
}
}Create it with the endpoint API:
bash
curl -sS -X POST "$EDEN/endpoints" \
-H "$AUTH_HEADER" \
-H "Content-Type: application/json" \
-d '{
"endpoint": "s3-data",
"kind": "s3",
"config": {
"read_conn": {
"provider": "AwsS3",
"region": "us-east-1",
"default_bucket": "analytics-data",
"access_key_id": "AKIA...",
"secret_access_key": "secret"
}
}
}'Configuration Fields
| Field | Purpose |
|---|---|
region | AWS region |
access_key_id | Access key ID |
secret_access_key | Secret access key |
session_token | Optional session token |
default_bucket | Optional default bucket |
endpoint_url | Optional custom endpoint URL |
Operating Notes
- Use bucket policies and IAM to restrict object prefixes before exposing access through Eve.
- Avoid broad write/delete permissions unless the workflow requires them.
- Treat object contents as potentially sensitive and gate reads through RBAC.
Related
Last updated: October 20, 2018