Amazon S3 & AlphaSense

This guide explains how to connect Amazon S3 buckets to AlphaSense using a cross-account IAM role. This approach lets AlphaSense access and ingest your data without requiring long-term AWS credentials.

• Setting Up the Connection
  • Prerequisites
  • Step 1: Create an IAM Policy
  • Step 2: Create the IAM Role
  • Step 3: Connect the Role in AlphaSense
  • Step 4: Register Buckets and Regions
• Sync Data from AmazonS3
• Managing the Integration
• Security & Permissions

Setting Up the Connection

Prerequisites

Collect the following values from the AlphaSense initiation screen:

• Alpha Account ID: The AWS account ID for AlphaSense.
• External ID: A unique value that secures the role trust relationship.

Step 1: Create an IAM Policy

Create a policy that defines what AlphaSense can do in your S3 environment.

• Sign in to the AWS Management Console and open IAM.

• In the left navigation, select Policies, then click Create policy.

• Select the JSON tab and paste the policy JSON provided by AlphaSense.

• Update the Resource section:
  • Replace your-bucket-name with your actual bucket name(s).
  • Include both:
    • The bucket ARN (for listing): arn:aws:s3:::my-bucket
    • The object ARN wildcard (for object access): arn:aws:s3:::my-bucket/*

Note: If you omit either ARN, AlphaSense might be able to see the bucket but not read objects (or vice versa).

• Click Next.
• Name the policy (example: AlphaSense-S3-Policy).

Step 2: Create the IAM Role

Create a role that AlphaSense can assume.

• In IAM, go to Roles and click Create role.

• Under Trusted entity type, select AWS account.
• Select Another AWS account, then enter the Alpha Account ID.
• Enable Require external ID, then enter the External ID.
• Click Next.
• On Add permissions, select the policy you created in Step 1 (example: AlphaSense-S3-Access-Policy).
• Click Next.

• Select the permissions policy.

• Name the role (example: AlphaSense-S3-Role).

• Click Create role.

Step 3: Connect the Role in AlphaSense

Give AlphaSense the role ARN so it can assume the role.

• In IAM, open Roles, then select your new role (AlphaSense-S3- Role).
• Copy the Role ARN (example: arn:aws:iam::123456789012:role/AlphaSense-S3-Integration-Role).

• Return to the AlphaSense authentication page.
• Paste the ARN into Role ARN.
• Click Continue.

Note: If the connection succeeds, AlphaSense confirms that it successfully assumed the role.

Step 4: Register Buckets and Regions

Tell AlphaSense which buckets to ingest.

• Enter the Bucket name.
• Select the bucket’s AWS Region (example: us-west-1).
• Click Add.
• Repeat for each bucket included in your IAM policy.
• Click Continue when finished.

You can now browse your S3 folders and objects in AlphaSense. AlphaSense can ingest and analyze the content you registered.

Troubleshooting Tips: If you get an error, confirm:

• The selected region matches the bucket’s region.
• The bucket name has no extra spaces.
• The IAM policy includes both bucket and object ARNs.

Sync Data from Amazon S3

File Access in AmazonS3

Once buckets are selected, AlphaSense can sync any related folders or files. 

Supported File Types

AlphaSense supports the following  formats:

• PDFs and documentsPresentations, like .ppt 
• Spreadsheets, like .xlsx
• Other text-based content
• Audio and video files

Data Sync Process

• AlphaSense syncs Amazon S3 data automatically every 24 hours.

Managing the Integration

After setup, manage your integration from the Integration Center:

• Open the Integration Center and select Amazon S3.
• Under Manage Configuration, you can:
  • Add or remove synced items.
  • Adjust tags or sharing settings (for Individual Connections).
  • Sync updated configurations.

Security & Permissions

Individual Connection

• Connect an individual account with manual sharing, via IAM role.

• Connect an individual account with manual sharing, via Access keys.