This guide explains how to configure an AWS S3 bucket to work with Openbridge's AWS S3 Source integration. This integration allows Openbridge to read data files from your S3 bucket and load them into your data destination.
✅ Prerequisites
Before you start, make sure you have:
🔑 AWS Access Key ID and Secret Access Key with the correct permissions
🪣 An active S3 bucket that allows CORS access from
https://app.openbridge.com📦 A configured destination ready to receive data
1️⃣ Create an S3 Bucket (if you don’t have one yet)
🪣 If you already have a bucket, you can skip this step and move on to configuring CORS. Otherwise, follow these steps to create one and add a folder for your data files.
🧭 Steps to Create an S3 Bucket
Go to your AWS Console → S3
Click “Create bucket”
Enter a unique Bucket name (e.g.,
my-openbridge-source)Choose the appropriate AWS Region
(Tip: Match this region when you configure the Openbridge wizard later.)Under Object Ownership, select ACLs disabled (recommended)
For Block Public Access settings, keep all boxes checked (recommended for security)
Leave other settings at default (Versioning, Encryption, etc.)
Click Create bucket
📌Important: Every S3 bucket (new or existing) must have at least one folder inside it for the wizard to work properly.
📁 Create a Folder in the Bucket
Once your bucket is created:
Open your new bucket in the S3 Console
Click “Create folder”
Name the folder something like
test-dataor another descriptive name (e.g.,sales-data,logs, etc.)Click Create folder
💡 Tip: This folder will later contain your date-partitioned subfolders such as dt=2024-01-01/, dt=2024-01-02/, etc.
This structure is required for Openbridge to properly recognize and process your files.
2️⃣ Create an IAM User with S3 Permissions
Steps to create:
Go to IAM Console → Users → Create user
Name the user, e.g.,
openbridge-s3-readerAttach the policy below
Generate Access Key ID and Secret Access Key
Store them securely — you’ll need them during setup
Use the following AWS IAM policy for the user.
Don’t forget to replace your-bucket-name with your actual bucket name in the policy.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": "arn:aws:s3:::your-bucket-name"
},
{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": "arn:aws:s3:::your-bucket-name/*"
}
]
}💡 Tip: Add "s3:GetObjectVersion" if versioning is enabled in your bucket.
3️⃣ Configure Bucket CORS
🛠️ How to apply:
Go to S3 Console → Your Bucket → Permissions
Scroll to Cross-origin resource sharing (CORS)
Click Edit
Paste the JSON below
Save changes
To allow Openbridge to access your bucket via browser, add this CORS configuration 👇
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "HEAD"],
"AllowedOrigins": ["https://app.openbridge.com"],
"ExposeHeaders": ["ETag"]
}
]
4️⃣ Gather Info for the Wizard
You’ll need these details when filling the Openbridge wizard form:
Field | Description |
🗺️ AWS Region | e.g., |
🔑 Access Key ID | From IAM user |
🧩 Secret Access Key | From IAM user |
🪣 Bucket Name | Your actual S3 bucket name |
🎉 That’s it!
At this point, your AWS S3 connection setup is complete. If all details were entered correctly and no errors appear during validation, you’re ready to create your subscription and start loading data from your S3 bucket into Openbridge.
🧩 Common Issues & Fixes
🚫 “Please connect to an s3 bucket and select the directories...”
Your folder structure doesn’t contain valid date-partitioned directories.
✅ Fix: Add subfolders named dt=YYYY-MM-DD.
❌ No Checkboxes Appearing
Checkboxes only show for folders with date partitions.
✅ Fix: Ensure you’ve created the initial folder mentioned in Step 1.
🔒 “AccessDenied” or “Authentication failed”
Check the following:
Credentials are correct
IAM user has
s3:ListBucketands3:GetObjectBucket name and AWS account match
Policy is properly attached
🌐 “Failed to fetch” or CORS errors
Double-check:
Allowed origin includes
https://app.openbridge.comMethods include
GETandHEADWait 1–2 minutes after saving CORS config