Exchanging data with ID5
Our main delivery mechanism is to exchange data directly to an AWS S3 bucket controlled by the client. We provide our AWS root account ID or our AWS Canonical User ID to the client. The required permissions and examples for select cloud providers are detailed below.
Note: as a backup option if our client is unable to host s3-compatible storage ID5 can host an AWS S3 bucket. Please discuss with your account team.
In this case, we require an AWS account ID or an AWS Canonical User ID for an AWS account the client controls. In the case the client is unable to provide that, we provide the client with a set of credentials to be used for accessing the data via the AWS SDK / CLI.
Data Retention
For all storage hosted by ID5 our data retention policy expires data after 90 days.
Supported Data Formats
We support CSV, JSON and Parquet, compressed with gzip.
Permissions Details
AWS S3
Client hosted S3 Bucket - Policy Requirements
We require these permissions for verification purposes:
- s3:ListBucket
- s3:GetObject
We require these permissions for uploading:
- s3:PutObject
- s3:DeleteObject
Our account ARN is: arn:aws:iam::243105029713:root
Our canonical ID is: b90fe88135ddb53ec153d1501c68b85f631bcaf82e579b3ba58a960cee8e4911
We can handle either an entire bucket, or a specific prefix.
An example policy where you can allow access for ID5 would be the following:
S3-compatible services
In limited cases we may be able to work with S3-compatible services. Please discuss with your account team. We require that the client sends us:
- The endpoint URL
- An Access Key ID
- A Secret Access Key
The key pair must be able to be used for access to the bucket, with policies equivalent to the ones listed in the S3 Bucket Policy Requirements.
Azure
Azure does not provide first party s3-compatibility, but there are several open-source services that re-expose the API as s3-compatible.