Storages
Customer Access to iMerit Owned Dedicated Bucket
By default, iMerit provides Cross-account IAM roles for programmatic access to upload customer data into a predesignated S3 bucket.
These steps are for a customer trying to upload data.
Create an IAM role or user in the customer AWS account (role_1).
Give the role_1 download permission (GetObject) and upload (PutObject) objects to and from the predefined S3 bucket.
IAM Cross Account Access
The following steps apply when the customer prefers to retain the data within their own infrastructure.
Create four S3 buckets with default settings. The bucket names can be chosen as per your internal naming conventions.
{CUSTOMERNAME}-content.tasking.imerit-prod.io
{CUSTOMERNAME}-tasking-app-prod-delivery-bucket
{CUSTOMERNAME}-tasking-app-prod-import-bucket
{CUSTOMERNAME}-pct-content.tasking.imerit-prod.io
Apply the appropriate CORS (Cross-Origin Resource Sharing) configuration to each of the below mentioned buckets:
{CUSTOMERNAME}-content.tasking.imerit-prod.io and
{CUSTOMERNAME}-pct-content.tasking.imerit-prod.io
Set up an IAM role with the necessary assume role policy and permissions, as outlined in the code snippet provided below.:
After the above steps are completed and a role is generated, share this role ARN with iMerit so that the iMerit application can assume that role.
Last updated