Resonate Append File Transfer – AWS Setup and Delivery

Resonate offers flexible, secure methods for sharing and delivering data with our clients, including Box, Snowflake, SFTP, and Amazon Web Services (AWS). This guide walks you through the complete setup process, from initial configuration to file transfer operations through AWS.

We prefer to have our customers write data to an AWS Bucket hosted by Resonate within the US-East-1 region. Resonate will deliver the final results to this bucket which customers can then ingest into their systems.

As a pre-requisite, please use our file-formatting guidance and helpful template to ensure you've properly formatted your file and have provided the necessary information.

Process Overview:

1. Pre-Setup: Provide required information to Resonate
2. Initial Setup: Configure AWS permissions after receiving Resonate credentials
3. File Operations: Upload or retrieve files using AWS CLI

Your Resonate Customer Success Manager will work closely with you throughout the append process.

Phase 1: Pre-Setup Requirements

Before Resonate can create your infrastructure, you need to provide your Customer Success Manager with:

Required Information:

• AWS User/Role ARN - The Amazon Resource Name for the user or role that will access Resonate's S3 bucket
• Account ID - Your AWS account identifier

Optional Information:

• S3 Bucket Name - Only if you want to copy directly from your own S3 bucket to Resonate's

Resonate will use this information to:

1. Set up an IAM role with appropriate permissions
2. Configure security policies for secure data transfer

Next Step: Wait for your Customer Success Manager to provide your credentials document before proceeding.

Phase 2: AWS Configuration Setup

After receiving your credentials from Resonate, complete these configuration steps:

Step 1: Configure IAM Policy for Your User/Role

Attach this IAM policy to the user or role you provided to Resonate. This allows your user/role to assume the Resonate role.

Policy Template:

{  "Version": "2012-10-17",  "Statement": {  "Effect": "Allow",  "Action": "sts:AssumeRole",  "Resource": "<Resonate Role ARN>"  } }

Example: If Resonate provided the role arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole:

{  "Version": "2012-10-17",  "Statement": {  "Effect": "Allow",  "Action": "sts:AssumeRole",  "Resource": "arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole"  } 

Step 2: Configure S3 Bucket Policy (Optional)

Only required if you provided an S3 bucket name in Phase 1.

Append this statement to your existing bucket policy:

{  "Sid": "ResonateS3Access",  "Effect": "Allow",  "Principal": {"AWS": "<Resonate Role ARN>"},  "Action": [  "s3:ListBucket",  "s3:GetObject*",  "s3:PutObject*",  "s3:DeleteObject"  ],  "Resource": [  "arn:aws:s3:::<bucket name>/*",  "arn:aws:s3:::<bucket_name>"  ] }

Example: For bucket your-bucket and Resonate role arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole:

 "Sid": "ResonateS3Access", "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole"}, "Action": [ "s3:ListBucket", "s3:GetObject*", "s3:PutObject*", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::your-bucket/*", "arn:aws:s3:::your-bucket" ] }

Phase 3: AWS CLI Setup and Configuration

Prerequisites

1. Install AWS CLI if not already installed: AWS CLI Installation Guide
2. Configure AWS CLI with your credentials: AWS CLI Quick Configuration

Configure Resonate Profile

1. Locate your AWS config file:
   • Mac/Linux: ~/.aws/config
   • Windows: C:\Users\USERNAME\.aws\config
2. Add the Resonate profile

[profile resonate-data-append] role_arn = <Resonate Role ARN from credentials document> source_profile = <your AWS profile name> external_id = <External ID from credentials document>

Example:

[profile resonate-data-append] role_arn = arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole source_profile = default external_id = 18384776920

3. For chained role assumption (if your user needs to assume a role first):

[profile resonate-assume-role] role_arn = arn:aws:iam::112233445566:role/SampleResonateAssumeRole source_profile = default [profile resonate-data-append] role_arn = arn:aws:iam::123456789012:role/SampleResonateIntegrationsRole source_profile = resonate-assume-role external_id = 18384776920

Verify Configuration

Test your setup with these commands:

1. Verify role assumption:

aws sts get-caller-identity --profile resonate-data-append

The output ARN should match the Resonate role ARN.

2. Verify S3 access:

aws s3 ls s3://resonate-integrations/companyName/data-append/ --profile resonate-data-append

You should see the directory listing without errors.

Phase 4: File Operations

Folder Structure
Your Resonate S3 bucket path includes separate input and output folders for clear organization:

• input/ - Upload your source data files here (e.g., s3://resonate-integrations/companyName/data-append/input/)
• output/ - Resonate will deliver processed results here (e.g., s3://resonate-integrations/companyName/data-append/output/)

This separation helps ensure you're uploading to the correct location and can easily identify where to retrieve your results.

Uploading Files to Resonate

From local filesystem:

aws s3 cp append-file.csv s3://resonate-integrations/companyName/data-append/input/ --profile resonate-data-append

From your S3 Bucket (if configured in Phase 2):

aws s3 cp s3://your-bucket/append-file.csv s3://resonate-integrations/companyName/data-append/input/ --profile resonate-data-append

Downloading Files from Resonate

To local filesystem:

aws s3 cp --recursive s3://resonate-integrations/companyName/data-append/output/ . --profile resonate-data-append

From your S3 bucket (if configured in Phase 2):

aws s3 cp --recursive s3://resonate-integrations/companyName/data-append/output/ s3://your-bucket/ --profile resonate-data-append

Reference: AWS S3 CP Command Documentation

Files delivered by Resonate

Resonate will deliver three files into your Output folder for each completed Append job. All files follow a standardized naming convention to ensure consistency, traceability, and easier automation.

File Delivery Summary

Each timestamp reflects the completion time of your Append job.
These files will appear in your designated Output folder within your Resonate S3 structure.

Troubleshooting

Error: "An error occurred (AccessDenied) when calling the AssumeRole operation"

Possible causes:

• IAM policy not attached correctly - Review Phase 2, Step 1
• Wrong Resonate role ARN in policy - Verify the ARN matches what Resonate provided
• Current user/role mismatch - Ensure you're using the user/role you provided to Resonate

Verification steps:

• Check the error message shows the correct Resonate role ARN
• Runaws sts get-caller-identity to verify your current identity

Error: "An error occurred (AccessDenied) when calling the CopyObject operation: Access Denied"

• Cause: Not properly assuming the Resonate role
• Solution: Verify your profile configuration and run the verification commands in Phase 3

Error: "fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden"

• Cause: Resonate role lacks access to your S3 bucket
• Solution: Review Phase 2, Step 2 - Ensure the bucket policy is correctly configured

Your data share is now complete. Read more here to understand how to interpret and use the three files we have delivered. If you have additional questions, please reach out to your Customer Success Manager, or resonatesupport@resonate.com. 

Additional resources:

• AWS Documentation: Copy data between S3 buckets across accounts