This article covers what's in your Install and how to set up the delivery destination to receive it. The first section is reference material — ID types, formats, and normalization rules — that your data team will revisit when joining the Install to your records. The remaining sections walk through the pre-delivery infrastructure check and the destination-specific setup procedure, which you'll work through once before your first delivery.
Jump to a section:
- What's in your Install (supported ID types, best fit by use case, sensitive attribute restrictions)
- Pre-delivery infrastructure check
- Set up your delivery destination — Snowflake share
- Set up your delivery destination — Amazon S3
- Set up your delivery destination — SFTP
- What happens next
What's in your Install
An Install is indexed by one or more ID types, selected at contract initiation. You can license a single ID type or all four. Each contracted ID type is delivered as its own Output File, and the ID column in each file matches the ID type identifier (hem, maid, ip, or zip11).
Deliveries arrive every 8 weeks by default. Longer cycles — quarterly, semi-annual, or annual — are available if your business processes or data workflows require them. See Operating the Recurring Refresh for details on what arrives in each refresh and how to operate against it.
Supported ID types
| ID Type | Format | Normalization for Joining Records |
|---|---|---|
| Hashed Email (HEM) | Lowercase hex hash: SHA256 (64 chars, default), SHA1 (40 chars), or MD5 (32 chars) | Lowercase the email, remove all whitespace, UTF-8 encode, then apply the hash variant matching your engagement. |
| Mobile Ad ID (MAID) | Standard UUID, lowercase, hyphenated; 36 characters | Lowercase and verify hyphenated format. No additional transformation. |
| IP Address (IPv4) | Dotted-decimal IPv4 (e.g., 192.0.2.1) | Verify format; no transformation. Used for per-visitor lookup at page load. |
| ZIP11 | 11-digit USPS delivery point code (9-digit ZIP+4 plus 2-digit delivery point) | Run street-address-level data through a USPS-certified geocoding service (Melissa, SmartyStreets, Loqate, or similar) if you don't already have 11-digit codes. |
Each ID is non-null and unique within its Output File. Phone (SHA256-hashed E.164) and IPv6 are on the near-term ID roadmap but not supported at this time. UID2, RampID, and CTV/ACR identifiers are also being evaluated. Talk to your account team for roadmap timing.
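The normalization rules in the table above, written out as join-key helpers. This is an added example, not Resonate's code: the function names are hypothetical, and trimming surrounding whitespace and returning `None` for values that fail the format check are assumptions.

```python
import hashlib
import ipaddress
import re
import uuid

# Hex digest length for each supported HEM variant, as listed in the table.
HEM_HEX_LENGTHS = {"sha256": 64, "sha1": 40, "md5": 32}


def normalize_hem(email, variant="sha256"):
    """Lowercase, remove all whitespace, UTF-8 encode, then hash."""
    if variant not in HEM_HEX_LENGTHS:
        raise ValueError(f"unsupported HEM hash variant: {variant!r}")
    cleaned = "".join(email.split()).lower()
    if "@" not in cleaned:
        return None  # not an email address; skip rather than hash junk
    # hexdigest() already returns lowercase hex.
    return hashlib.new(variant, cleaned.encode("utf-8")).hexdigest()


def normalize_maid(value):
    """Lowercase and require the 36-character hyphenated UUID form."""
    candidate = value.strip().lower()
    try:
        parsed = uuid.UUID(candidate)
    except ValueError:
        return None
    # uuid.UUID also accepts unhyphenated and braced input; reject those.
    return candidate if str(parsed) == candidate else None


def normalize_ipv4(value):
    """Verify dotted-decimal IPv4; the value itself is not transformed."""
    candidate = value.strip()
    try:
        ipaddress.IPv4Address(candidate)
    except ValueError:
        return None
    return candidate


def normalize_zip11(value):
    """Require exactly 11 digits, kept as text so leading zeros survive."""
    candidate = value.strip()
    return candidate if re.fullmatch(r"[0-9]{11}", candidate) else None
```

Keep ZIP11 values in a string column end to end; a numeric column drops the leading zero of northeastern ZIP codes and the join silently misses those rows.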
Best fit by use case
| ID type | Best for |
|---|---|
| HEM | First-party data enrichment, segmentation, paid social, email |
| MAID | Programmatic, in-app, mobile measurement |
| IP Address | Website personalization, anonymous visitor identification, CTV |
| ZIP11 | Direct mail, geo-targeted personalization, retail location planning |
Sensitive attribute restrictions
A defined set of attributes — including those covering racial or ethnic origin, religious or philosophical beliefs, union membership, citizenship or immigration status, sexual orientation, and health information — are suppressed for individuals residing in specific states. This restriction is non-negotiable and enforced at file generation. See the Sensitive Data article for the full state list and how the restriction appears in your Output File.
Pre-delivery infrastructure check
Before your first delivery is scheduled, confirm the following.
General readiness (every engagement)
- Cloud data warehouse or equivalent infrastructure. Snowflake, BigQuery, Databricks, Redshift, or comparable. Customers without this are better suited for Resonate's Enrichment or platform products, Resonate Cortex and Resonate Ignite Platform.
- Storage capacity for the licensed file size, with retention headroom. Plan for at least 2× the licensed file size to accommodate retaining the prior wave alongside the new one during validation. For multi-ID engagements, sum across ID types.
- Compute capable of querying files at the relevant scale. A full-catalog HEM Output File is 50–120 GB in Parquet; your warehouse must be appropriately sized.
- A data engineering or analytics function to operationalize the file. Resonate provides raw material; your team performs the joining, modeling, and activation.
- Encryption-at-rest in the destination environment.
- A named primary technical contact for delivery setup and ongoing operations.
Operational readiness
- A defined ingestion approach for full-replacement deliveries. Each refresh fully replaces the prior delivery. The Operating the Recurring Refresh article describes three common patterns.
- Awareness of state-level redaction behavior. Your downstream analytics should not assume mutually-exclusive attribute groups sum to 100%. See the Sensitive Data article.
- For engagements contracting ZIP11: confirm your address data is at the 11-digit USPS delivery-point level, or that you can geocode street-address data before joining.
Set up your delivery destination
Install delivery is supported via Snowflake share, Amazon S3, or SFTP — selected at engagement initiation. Read the section below that matches your selected destination (Jump to Snowflake, Amazon S3, or SFTP).
Note on supported destinations. Box, Google Cloud Storage, and Azure Blob Storage are not supported as direct delivery destinations. Customers operating in those environments should select SFTP delivery.
Delivery via Snowflake Share
Snowflake delivery uses a Snowflake data share between Resonate's primary Snowflake account and yours. One durable share is created per engagement, per ID type. Refreshes update the share in place — you do not need to re-accept the share or rebuild downstream objects each refresh.
Supported regions
Cross-region and cross-cloud delivery is transparent — Resonate handles the underlying replication. Delivery to a cross-region account does not affect the 5-business-day SLA.
| Cloud | Supported regions |
|---|---|
| AWS | us-east-1, us-east-2, us-west-2 |
| Azure | eastus, eastus2, westus2, centralus, southcentralus |
| GCP | us-central1, us-east4 |
Customers in regions not listed above should contact their account team to scope the engagement.
Setup procedure
- Provide setup details to Resonate at engagement initiation: your Snowflake account identifier, your Snowflake region/cloud, the target database name you'd like the share to populate, the target schema (default: PUBLIC), and the role in your Snowflake account that should receive grants.
- Accept the share. Resonate creates the share for your engagement and sends a share invitation to your Snowflake account. Accept it via Snowsight (Data → Private Sharing → Inbound) or SQL.
- Create a database from the share:
CREATE DATABASE RESONATE_INSTALL FROM SHARE
RESONATE.RESONATE_{CLIENT}_{ID_TYPE}_INSTALL;
- Grant access. Grant USAGE on the database and SELECT on the schema to your consuming role.
- Verify. Query the share to confirm access.
PrivateLink
AWS PrivateLink for Snowflake delivery is available for AWS us-east-1 customers. PrivateLink is not currently available for non-AWS Snowflake regions because Resonate's cloud infrastructure presence is AWS-only.
Delivery via Amazon S3
Amazon S3 delivery uses a Resonate-hosted S3 bucket in AWS us-east-1. Resonate writes Output Files, the Key Definitions File, and the Summary Report into a designated location in the Resonate bucket. You retrieve them using an IAM role provided by Resonate.
Pre-setup: information to provide to Resonate
- AWS user/role ARN — the Amazon Resource Name for the user or role in your AWS account that will access Resonate's S3 bucket.
- AWS account ID — your AWS account identifier.
Resonate uses this to provision an IAM role with the appropriate permissions and configure security policies. You'll receive a credentials document containing the Resonate role ARN and an external ID. Wait for that document before proceeding.
Setup procedure
Step 1 — Attach an IAM policy to your user or role
Allow it to assume the Resonate role. Substitute the Resonate role ARN from your credentials document:
{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Action": "sts:AssumeRole",
    "Resource": "<Resonate Role ARN>"
  }
}
Step 2 — Configure AWS CLI with a Resonate profile
Add the following to your AWS config file (~/.aws/config on macOS/Linux; C:\Users\USERNAME\.aws\config on Windows):
[profile resonate-install]
role_arn = <Resonate Role ARN from credentials document>
source_profile = <your AWS profile name>
external_id = <External ID from credentials document>
Step 3 — Verify your configuration
aws sts get-caller-identity --profile resonate-install
The returned ARN should match the Resonate role ARN. To verify S3 access:
aws s3 ls s3://resonate-integrations/<companyName>/install/ --profile resonate-install
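When a profile assumes a role, `aws sts get-caller-identity` reports it as an `arn:aws:sts::<account>:assumed-role/<role name>/<session name>` ARN, not the `arn:aws:iam::<account>:role/...` form in the credentials document, so a plain string comparison fails. The added example below (not Resonate's code) compares the two by account and role name; the function names, the account ID and the role name are constructed placeholders.

```python
import json

# Constructed sample of `aws sts get-caller-identity` output and a placeholder
# role ARN; substitute the values from your own credentials document.
SAMPLE_CALLER_IDENTITY = json.dumps({
    "UserId": "AROAEXAMPLEID:botocore-session-1700000000",
    "Account": "111122223333",
    "Arn": "arn:aws:sts::111122223333:assumed-role/"
           "example-resonate-delivery/botocore-session-1700000000",
})
EXPECTED_ROLE_ARN = "arn:aws:iam::111122223333:role/example-resonate-delivery"


def role_from_arn(arn):
    """Return (account_id, role_name) for an IAM role or assumed-role ARN."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    _, _, service, _, account, resource = parts
    kind, _, rest = resource.partition("/")
    if service == "iam" and kind == "role":
        return account, rest.rsplit("/", 1)[-1]  # drop any role path
    if service == "sts" and kind == "assumed-role":
        return account, rest.split("/", 1)[0]    # drop the session name
    raise ValueError(f"ARN is not a role or assumed role: {arn!r}")


def is_assuming_role(caller_identity_json, expected_role_arn):
    """True if the caller identity is a session of the expected role."""
    try:
        identity = json.loads(caller_identity_json)
        return role_from_arn(identity["Arn"]) == role_from_arn(expected_role_arn)
    except (KeyError, ValueError):
        # An IAM user ARN or malformed output means the role was not assumed.
        return False


if __name__ == "__main__":
    print(is_assuming_role(SAMPLE_CALLER_IDENTITY, EXPECTED_ROLE_ARN))
```

A `False` result with an `iam::...:user/...` ARN in the output means the command ran under your source profile rather than `resonate-install`.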
Folder structure and retrieval
Your Install files are delivered to s3://resonate-integrations/<companyName>/install/<id_type>/output/. For multi-ID engagements, each ID type has its own subfolder. The Key Definitions File and Summary Report are at the engagement root.
- Retrieve files to your local environment:
aws s3 cp --recursive s3://resonate-integrations/<companyName>/install/ . \
--profile resonate-install
- Or copy directly to your own S3 bucket:
aws s3 cp --recursive s3://resonate-integrations/<companyName>/install/ s3://your-bucket/ \
--profile resonate-install
Troubleshooting
- AccessDenied on AssumeRole. The IAM policy from Step 1 isn't correctly attached, or the Resonate role ARN doesn't match the credentials document. Run aws sts get-caller-identity to verify your current identity and check the policy targets the right Resonate role ARN.
- AccessDenied on CopyObject. Your CLI profile isn't assuming the Resonate role. Re-run the verification commands in Step 3.
- 403 Forbidden on HeadObject. The Resonate role lacks the expected access to your delivery path. Contact your CSM.
Delivery via SFTP
SFTP delivery uses a Resonate-hosted SFTP endpoint operated via AWS Transfer Family. Resonate writes files to a designated path; you authenticate to the endpoint via SSH key and retrieve files at your own cadence within the SLA window.
Pre-setup: information to provide to Resonate
- An SSH public key for the account that will authenticate to the SFTP endpoint. RSA 4096 is supported; other key types should be confirmed with your Resonate contact.
- Network egress allowance to AWS Transfer Family from your retrieval environment.
Setup procedure
- Provide your SSH public key to your Resonate Customer Success contact. Resonate provisions your access on the SFTP endpoint and sends you connection details: hostname, username, and the path to your delivery folder.
- Configure your SFTP client (or automation) with the connection details and your corresponding private key.
- Test the connection by listing your delivery folder. The folder will be empty until your first delivery.
- On each scheduled delivery, Output Files, the Key Definitions File, and the Summary Report appear in your folder. Partitioned deliveries include a manifest file written last — wait for the manifest before processing.
What happens next
Once your destination is set up, your first delivery arrives on the every-8-weeks cadence anchored to your engagement activation date. For everything that happens after that first delivery — what to expect, how to validate, how to operate the recurring refresh — see Operating the Recurring Refresh.
If you have questions about setup, contact your Customer Success Manager or reach out to resonatesupport@resonate.com.