Business Intelligence Connector: S3 Setup

Permissions: Basic users and above, with manage and configure BIC 

Product tier: Available to Expert subscription tier

If you've chosen to send your organization's data to an S3 bucket through the BI Connector, you'll need to enter the authentication information to set up the connection. You can configure these settings in the Dev Center.

Note: Customers with existing S3 connections before November 2021 will appear on this page. However, if you use access keys and secret keys for authentication, you'll need to switch to an IAM role before you can make any changes. Click here for more information. 

See the following sections for more information:

Click here for more information on setting up Redshift.

Access the setup page

Note: To access this page, you'll need the manage and configure BIC developer permission. A Site Admin can assign this permission under Configure > Users. Click here for more information.

Click the Configure icon Configured_Icon.png in the top right corner of the page and select Dev Center in the left panel. 


Scroll to the bottom of the page and select Business Intelligence Connector.


Complete S3 setup

Click the Configure button.


Note: Authentication has been updated to role-based access through IAM. If you're currently using secret key access, you'll have to switch to IAM role-based access before you can make updates. Click here for more information.

Enter your S3 details into the available fields and click Next


Copy and paste the bucket policy in your AWS console.


Click Send test file to test the connection. When you receive a confirmation code, paste it into the field.


Click Save & enable S3. When a connection is successful, a green dot will appear next to the S3 section.


IAM Role vs. secret keys

Identity Access Management (or IAM) is AWS's standard for managing permissions and access to their storage solutions. Previously, users could provide S3 access keys and secret keys to authorize access. However, as the industry has evolved, secret keys have been replaced by role-based access through IAM.

To authenticate the BI Connector in your S3 bucket, you'll need to create a bucket policy to authorize Greenhouse's role. Click here for more information on adding a bucket policy in your S3 console.

The ARN for Greenhouse's role is included in the bucket policy outlined above.


Click here to learn more about AWS's IAM policies. 

Additional resources