In today’s data-driven world, organizations manage vast amounts of data across multiple platforms. Amazon S3 has become a popular choice for scalable cloud storage, but integrating that data and making it actionable within business applications like Salesforce can be complex. To address this, Salesforce has introduced Data Cloud Storage Connectors, which bring Amazon S3 data into Salesforce Data Cloud so teams can work with up-to-date data that enriches customer profiles and supports informed decision-making across departments such as Sales, Service, and Marketing. Although the data is ingested rather than accessed directly in place, the connection ensures that key data from Amazon S3 is readily available in Salesforce Data Cloud, enriching insights and enabling timely, data-driven actions.
In this blog, we’ll walk you through the setup of this integration, including establishing secure access using Identity Provider (IdP)-based authentication. We’ll also explore how this streamlined data access powers real-time insights and enables quick, data-driven actions within Salesforce.
What is Salesforce Data Cloud?
Salesforce Data Cloud is a comprehensive platform designed to unify your company’s data, creating a single, unified customer profile. By integrating diverse datasets such as sales, service, marketing, telemetry, and web engagement data, it provides every team in your organization with a 360-degree view of your customers. This unified view helps automate workflows, drive personalized engagement, and power AI-driven insights through Salesforce’s Einstein 1 Platform.
By bringing together disparate data from both internal and external sources, Salesforce Data Cloud enables businesses to:
- Drive Data-Driven Decisions: Teams across sales, marketing, and service can harness real-time customer data to make better decisions.
- Personalize Customer Experiences: By using AI to analyze data and deliver insights, Salesforce Data Cloud allows companies to create highly personalized customer interactions at scale.
- Ensure Data Security and Compliance: Data Cloud provides a centralized environment to manage and access data securely, helping organizations meet compliance and regulatory requirements.
What is Amazon S3?
Amazon Simple Storage Service (S3) is a widely used cloud storage solution designed to store and retrieve any amount of data. Organizations rely on S3 to store structured and unstructured data, such as customer records, logs, media files, and more. S3’s scalability makes it a great choice for businesses that need to manage large volumes of data, from backups and archives to analytics.
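As a quick illustration of that store-and-retrieve model, here is a minimal boto3 sketch; the bucket name and object key are hypothetical placeholders, and it assumes AWS credentials are already configured locally.

```python
# Minimal sketch: store and retrieve an object in Amazon S3 with boto3.
# Bucket name and key are placeholders; AWS credentials are assumed to be configured.
import boto3

s3 = boto3.client("s3")
bucket = "example-customer-data-bucket"   # hypothetical bucket name
key = "exports/customers/2024-01-01.csv"  # hypothetical object key

# Upload a small CSV export.
s3.put_object(Bucket=bucket, Key=key, Body=b"id,email\n1,jane@example.com\n")

# Read it back.
obj = s3.get_object(Bucket=bucket, Key=key)
print(obj["Body"].read().decode("utf-8"))
```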
Configure Data Cloud Storage Connectors
1. Log in to Salesforce Data Cloud and navigate to Data Cloud Setup.
2. In the Quick Find box, search for “Other Connectors”.
3. Click New and choose “Amazon S3”.
4. Create a new Amazon S3 source.
Note: We’ll fill in the IAM Role field once the identity provider and IAM role are set up in the next section.
Setting Up Identity Provider–Based Authentication for Amazon S3 Connectors
To securely connect to an Amazon S3 bucket using S3 connectors, Salesforce supports Identity Provider (IdP)-based authentication. This ensures that only authorized users can access the data.
Steps to Set Up IdP-Based Authentication:
Set Up the Identity Provider in AWS:
- In the AWS Management Console, go to IAM, select Identity Providers, and add a provider.
- Choose OpenID Connect and enter your Salesforce My Domain URL as the provider URL and audience.
- After you verify the information, AWS retrieves the OIDC certificate thumbprint and creates the IAM OIDC identity provider.
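If you prefer to script this step, the same identity provider can be created programmatically. A minimal boto3 sketch, assuming placeholder values for the provider URL, audience, and thumbprint (use the exact values shown in your Salesforce Data Cloud setup and the AWS console):

```python
# Sketch: create the IAM OIDC identity provider with boto3 instead of the console.
# URL, audience, and thumbprint below are placeholders.
import boto3

iam = boto3.client("iam")

response = iam.create_open_id_connect_provider(
    Url="https://<My Domain URL>/services/connectors",              # placeholder provider URL
    ClientIDList=["https://<My Domain URL>/services/connectors"],   # placeholder audience
    ThumbprintList=["0000000000000000000000000000000000000000"],    # placeholder thumbprint
)
print(response["OpenIDConnectProviderArn"])
```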
Create IAM Roles:
- In AWS, create a role with a custom trust policy that allows Salesforce Data Cloud to assume the role using the External ID.
Example trust policy:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "arn:aws:iam::240852588578:oidc-provider/<My Domain URL>/services/connectors"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "StringEquals": {
          "<My Domain URL>/services/connectors:sub": "app:DE809C7E:1E96683A"
        }
      }
    }
  ]
}
```
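If you’d rather automate role creation, the sketch below applies the trust policy above and grants read access to a source bucket. The role name and bucket are hypothetical; the account ID and subject value are taken from the example policy and should be replaced with your own.

```python
# Sketch: create the IAM role with the trust policy above and grant it read access
# to the source bucket. Role name and bucket are placeholders.
import json
import boto3

iam = boto3.client("iam")

trust_policy = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {
            "Federated": "arn:aws:iam::240852588578:oidc-provider/<My Domain URL>/services/connectors"
        },
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": {
            "StringEquals": {
                "<My Domain URL>/services/connectors:sub": "app:DE809C7E:1E96683A"
            }
        }
    }],
}

role = iam.create_role(
    RoleName="salesforce-data-cloud-s3-role",           # hypothetical role name
    AssumeRolePolicyDocument=json.dumps(trust_policy),
)

# Allow the role to list the bucket and read its objects (placeholder bucket name).
iam.put_role_policy(
    RoleName="salesforce-data-cloud-s3-role",
    PolicyName="s3-read-access",
    PolicyDocument=json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["s3:GetObject", "s3:ListBucket"],
            "Resource": [
                "arn:aws:s3:::example-customer-data-bucket",
                "arn:aws:s3:::example-customer-data-bucket/*",
            ],
        }],
    }),
)

print(role["Role"]["Arn"])  # use this ARN when configuring the connection in Salesforce
```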
Set Up the Connection in Salesforce: Use the Amazon Resource Name (ARN) of the role created in AWS to configure the S3 connection in Salesforce Data Cloud.
Creating an Amazon S3 Data Stream in Salesforce Data Cloud
After establishing the S3 connection, you can create a data stream in Salesforce Data Cloud to begin the data flow from Amazon S3.
Steps to Set Up an Amazon S3 Data Stream:
1. Go to Data Streams: In Salesforce Data Cloud, navigate to the Data Streams tab and click New. Select Amazon S3 as the data source.
2. Select the S3 Connector: Choose the Amazon S3 connection you created earlier from the Connection dropdown menu.
3. Configure File and Source Details
- Select the File Type (either CSV or Parquet) and provide the Import from Directory path, which specifies the location of your source files in the S3 bucket.
- Optionally, specify a File Name or use wildcards to retrieve multiple files.
4. Create or Use a Data Lake Object (DLO): A DLO defines the structure of the incoming S3 data in Data Cloud. You can create a new DLO or use an existing one to hold the ingested records.
5. Map Fields and Configure the Data Model: Define the fields in the S3 data and map them to your Salesforce data model, allowing Salesforce features such as segmentation and calculated insights to use the ingested data.
6. Enable Data Acceleration (Optional): You can enable data acceleration to improve the performance of queries on the S3 data.
7. Deploy the Data Stream: After configuring the data stream, click Deploy to initiate the data flow. The ingested data will be available for use in Salesforce Data Cloud for real-time analysis and action.
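Before or after deploying, it can be handy to confirm which objects the configured directory path and wildcard will actually pick up. A minimal boto3 sketch, assuming hypothetical bucket, prefix, and file-name pattern values:

```python
# Sketch: preview which files in the import directory a wildcard file-name pattern
# would match. Bucket, prefix, and pattern are placeholders.
import fnmatch
import boto3

s3 = boto3.client("s3")

bucket = "example-customer-data-bucket"            # hypothetical bucket
import_dir = "datacloud/customer-interactions/"    # hypothetical Import from Directory path
pattern = "interactions_*.csv"                     # hypothetical wildcard file name

paginator = s3.get_paginator("list_objects_v2")
for page in paginator.paginate(Bucket=bucket, Prefix=import_dir):
    for obj in page.get("Contents", []):
        file_name = obj["Key"].rsplit("/", 1)[-1]
        if fnmatch.fnmatch(file_name, pattern):
            print(obj["Key"], obj["Size"])
```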
Use Cases for Data Cloud Storage Connectors with Amazon S3
- Enhanced Marketing Campaigns: Combine customer interaction data from S3 with Salesforce data to drive more targeted and effective marketing campaigns.
- Improved Customer Satisfaction: Merge S3 data (e.g., feedback or purchase history) with Salesforce case data to gain deeper insights into customer satisfaction and improve service quality.
- Next-Best Action: Use real-time data from S3 (such as transaction or interaction history) to make data-driven recommendations for customer interactions.
Conclusion
Integrating Amazon S3 with Salesforce Data Cloud through Data Cloud Storage Connectors provides a powerful and efficient way to harness timely data. This approach helps businesses maintain data consistency and security: the source files stay in Amazon S3, while their contents are ingested into Salesforce Data Cloud and made readily accessible for actionable insights.
With this integration, organizations can leverage customer data to drive targeted marketing, enhance customer satisfaction, and enable dynamic recommendations. By bridging data from Amazon S3 with Salesforce Data Cloud, businesses can build enriched customer profiles, power AI-driven insights, and create seamless, personalized experiences across multiple touchpoints. This unified view not only fosters stronger customer relationships but also empowers teams to make informed, data-driven decisions that drive growth and operational excellence.
Comments

This is a well-written article that shows the setup of the Amazon S3 ingestion connector. This connector is not zero-copy. This connector ingests the contents of the Parquet or CSV files from the S3 bucket configured in the data stream. The only zero-copy connector available for Amazon data stores is the Redshift connector. See -> https://help.salesforce.com/s/articleView?id=sf.c360_a_set_up_data_federation_redshift_connection.htm&type=5
Please update this article to show the Redshift zero-copy connector or take out the zero-copy wording in this article as it’s misleading for customers. Thank you.
Thank you for your thoughtful feedback and for bringing this to my attention. You are absolutely correct, and I sincerely apologize for any confusion caused by the mention of “zero-copy” in relation to the Amazon S3 ingestion connector. I have promptly updated the article to remove this wording to ensure accuracy and avoid any potential misunderstandings for our readers.
Your input is incredibly valuable in helping maintain the quality and clarity of the content shared with the community. I truly appreciate you taking the time to share this observation, and the article has been updated accordingly. Please don’t hesitate to reach out if you have any further suggestions or insights. Thank you again for your support!