# Kloudless API interaction

  • Connector Category: Storage
  • Unified APIs Supported: Storage, Activity

# Setting up Access Keys for Amazon S3

Amazon S3 applications do not use OAuth. Instead, the user is prompted during the authentication flow for the IAM Access keys, which will be used to authenticate requests. Access and secret keys are encrypted and stored securely. When users connect an account, they should provision an IAM user with the minimum amount of permissions required for your application.

You can test connecting an account via the Kloudless API Explorer.

# Sample IAM Policy

The permissions in AWS IAM are extremely flexible. In order access all of the funcitonality provided by the Kloudless API (including event notifications), the following policy should be used:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "KloudlessFull",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucketMultipartUploads",
                "s3:ListAllMyBuckets",
                "s3:AbortMultipartUpload",
                "s3:ListBucket",
                "s3:DeleteObject",
                "s3:ListMultipartUploadParts",
                "s3:PutBucketNotification",
                "s3:GetBucketNotification"
            ],
            "Resource": "*"
        }
    ]
}

If events are not needed, the Notification related permissions can be omitted. For further details on using IAM permissions with S3, refer to the AWS Documentation.

# Support

Please contact us at support@kloudless.com with any questions you may have. We'd be happy to help you get set up.