S3 Bucket Configuration

Learn the configuration process for receiving SafeGraph places data on a monthly basis, as part of an enterprise license. Learn how to configure an S3 bucket for data delivery, enabling automatic data delivery as per your enterprise account and ensuring you will automatically receive weekly or monthly data.

S3 Bucket Configuration

The first step of the delivery process is to configure an S3 bucket for us to deliver the data to. You'll need to have access to your organization's Amazon Web Services (AWS) console with privileges to create an S3 bucket. If your organization doesn't use AWS, let us know and we'll help configure the data delivery process on your behalf. To begin, please follow the instructions below, which should only take a few minutes to complete.

  1. Sign into the AWS S3 console.
  2. Create an S3 bucket in which you want to receive SafeGraph data (e.g. s3://my-company-sg-data).
  3. Create a policy for SafeGraph to access the bucket by first selecting the Permissions tab.
12721272
  1. Click on the Bucket Policy box.
  2. Copy this bucket policy as formatted below and paste into the permission editor:
{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Sid": "SafeGraph Bucket Permissions",
         "Effect": "Allow",
         "Principal": {
            "AWS": "arn:aws:iam::461305247324:role/safegraph-egress"
         },
         "Action": [
            "s3:*"
         ],
         "Resource": [
            "arn:aws:s3:::{{your bucket name}}"
         ]
      },
      {
         "Sid": "SafeGraph Object Permissions",
         "Effect": "Allow",
         "Principal": {
            "AWS": "arn:aws:iam::461305247324:role/safegraph-egress"
         },
         "Action": [
            "s3:*"
         ],
         "Resource": [
            "arn:aws:s3:::{{your bucket name}}/*"
         ]
      }
   ]
}

🚧

Include your bucket name in resources

When pasting the policy above, please make sure to substitute your bucket name and path for {{your bucket name}} when specifying the resource.

  1. Click Save.
  2. That's it! Please send your customer success manager the name of your bucket.

🚧

Do not set up KMS encryption

Please do not enable KMS encryption when configuring the bucket. We will not be able to write to your S3 bucket if you enable this setting.


Did this page help you?