Amazon S3 Shared Resource Connection

The Amazon connection is a shared resource that describes the Amazon connection. You can use the Amazon S3 shared connection resource to specify the configuration details that connects an Amazon S3 Client to an Amazon S3 instance.

General

The General tab shows the package that stores the Amazon S3 shared resource and the shared resource name. You can also provide a description for the shared resource in this tab.

The following table describes the fields on the General tab of the Amazon S3 shared resource:

Field Module Property? Description
Package No Package to be added
Name No Name to be displayed as a label for the shared resource
Description No A short description for this shared resource

Amazon Connection Configuration

You can provide information required to establish the connection with Amazon S3. You can configure the connection using AWS Credential or SAML Authentication.

The following table describes the fields on the Amazon Connection tab of the Amazon S3 shared resource when the Authentication Type is selected as AWS Credential:

Field Module Property? Description
Access Key Yes Access key to connect to the Amazon S3 API
Secret Key Yes Secret key to connect to the Amazon S3 API

The following table describes the fields on the Amazon Connection tab of the Amazon S3 shared resource when the Authentication Type is selected as SAML Authentication:

Field Module Property? Description
Identity Provider (IdP) No The service provider that manages your user identities. With an IdP, you can manage user identities outside of AWS instead of creating AWS Identity and Access Management (IAM) users in your account. After establishing the trust relationship between IdP and AWS, your users can access AWS resources using their corporate credentials.
Identity Provider Login URL Yes

IdP login URL that is generated when you configure the identity provider in the identity provider console.

Example URL for PingFederate: https://<host>:<port>/idp/startSSO.ping?PartnerSpId=urn%3Aamazon%3Awebservices

Username Yes User name that is configured with your identity provider
Password Yes Password that is configured with your identity provider
AWS Role Yes AWS IAM role
Token Expiration Duration Yes Duration for which the token is valid
Note: This is configured in AWS IAM policy when creating the role. If the user specifies the value as 0, the value is taken as 60 minutes.
SSL Client Configuration No Establishes secure connection with IdP

For more information about SSL Client Configuration, see the "Shared Resource" section of the TIBCO ActiveMatrix BusinessWorks™ Bindings and Palettes Reference guide.

Use Proxy Yes You can select the Use Proxy check box and set proxy configuration in the Custom configuration section.
Note:

To enable basic authentication, set JVM argument as

-Djdk.http.auth.tunneling.disabledSchemes=

Please refer to setting bwappnode-<AppNodeName>.tra file in section "Setting JVM Parameters for the AppNode Manually" in the TIBCO ActiveMatrix BusinessWorks™ documentation.

With TIBCO BusinessStudio for BusinessWorks : Add this argument in <BW_HOME>\studio\<version>\eclipse\TIBCOBusinessStudio.ini file.

Amazon Connection Advanced Configuration

The following table describes the fields in the Amazon Connection Advanced Configuration tab of the Amazon S3 shared resource:

Field Module Property? Description
Client Type No Select between the default or customized AWS client configuration

Defaults to the default client type

Connection Timeout Yes Number of milliseconds that the attempt to create an AWS client connection waits before timing out

Defaults to 10 seconds

ClientExecutionTimeout Yes Default HTTP timeout for all requests made on this connection

Disabled by default: 0 seconds

MaxErrorRetry Yes Number of retries the AWS client attempts for HTTP error code 5xx before reporting an error
RequestTimeout Yes Number of milliseconds any request can take before being timed out.

A request may constitute several individual HTTP requests. This is the difference between this setting and the ClientExecutionTimeout setting.

Disabled by default: 0

Use Gzip Yes Uses Gzip communications

Defaults to false

Use Proxy Settings No Enables or disables the fields related to proxy settings

Disabled by default. If disabled no proxy server is used.

NonProxy Hosts Yes List of hosts that should be reached directly, bypassing the proxy.

This is a list of patterns separated by '|'. The patterns might start or ends with a '*' for wildcards. Any host matching one of these patterns is reached through a direct connection instead of through the proxy.

Preemptive Basic Proxy Auth Yes Sets whether to attempt to authenticate preemptively against proxy servers by using basic authentication
Proxy Domain Yes Sets the optional Windows domain name for configuring an NTLM proxy
Proxy Workstation Yes Sets the optional Windows workstation name for configuring NTLM proxy support
Proxy Host Yes Sets the proxy host the client connects through
Proxy Port Yes Sets the proxy port the client connects through
Proxy Username Yes Sets the proxy user name to use
Proxy Password Yes Sets the proxy password to use