Information
  • Author: Appian Corporation
  • Type: Plug-in (Function & Smart Service)
  • Support: This is an Appian supported plug-in. To the extent that this plug-in does not conform to its documentation, please submit a ticket to Appian Technical Support. Appian does not support customer-created customizations or outdated versions of the plug-in.
  • Industry: All Industries
  • Compatible Version(s): 25.2
  • First Released:
  • Last Updated:
  • Cost: Free - Appian Supported
Share
Home » AppMarket » Amazon S3 Utilities

Amazon S3 Utilities

Overview

The Amazon S3 Utilities Plug-in leverages the Amazon AWS Java API to connect with Amazon S3 to store and retrieve files.  

Key Features & Functionality

The following smart services are included:

  • Upload documents to AWS S3
  • Download documents from AWS S3
  • Create Folders in AWS S3
  • Delete documents from AWS S3

The plug-in also includes a function:

  • getPreSignedURLForS3 that generates a V4 pre signed url that expires after 5s. This allows for a short term access grant to a secured resource. It can be used in a WebAPI object to redirect a user from Appian to a resource on S3.

Amazon S3 Utilities supports the following Amazon S3 features:

Note:  The plug-in requires Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files when using client side encryption.

(https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html)

The Appian Secure Credential Store is leveraged for the credentials to integrate with Amazon S3. Before executing the plug-in, create an new secure credential store with the following 3 attributes.  These values are obtained from Amazon AWS IAM console.

  • accesskeyid: this is the access key id for connecting to AWS S3
  • accesskeysecret: this is the access key secret for connecting to AWS S3
  • kmscmkid: this attribute is only required if using AWS Client Side Encryption
Anonymous
  • v1.3.6 Release Notes
    • Updates to Jackson databind, core, and annotations libraries

  • Seems like the latest update yields this error when installing or upgrading from Admin Console -> Plugins -> Add Plug-Ins

    HTTP Code: 500
APNX-1-4198-019

An Error Has Occurred
Expression evaluation error [evaluation ID = b6607:8126d] : An error occurred while executing a save: java.util.UnknownFormatConversionException: Conversion = 'D'

    Any ideas on how to resolve?

  • in reply to Mike Cichy

    Yeah it is causing an issue. The document cannot be downloaded since the site cannot be reached. This is what I see on the browser:

    __________________

    This site can’t be reached

    Check if there is a typo in s3.{bucket-name}.amazonaws.com.

    DNS_PROBE_FINISHED_NXDOMAIN
    _____________________
    I tried substituting  the domain name format to the format that  is there in console. But it returns another error, complaining about  a parameter in the URL generated by the plugin is not in the proper format. Below is what I see. It seems like the service is expecting X-Amz-Credential parameter  to contain  the region name, but the plugin is attaching the bucket-name to  the parameter.
    _______________________
    <Error>
    <Code>AuthorizationQueryParametersError</Code>
    <Message>Error parsing the X-Amz-Credential parameter; the region {bucket-name} is wrong; expecting 'us-east-1'</Message>
    <Region>us-east-1</Region>
    <RequestId>PGFXG4JR599R0HHP</RequestId>
    <HostId>OBy+93cPl8DsTSD1zKFZq2d1SoPaSewobbDKJDH82K7xy4Zpw+WhLta3W1MvbguaLslf14XPq0BNVB2j9ApICA==</HostId>
    </Error>
    _____________________
  • in reply to Puspendu Pal

    Is this causing an issue? Can you not access the doc?

  • When using the function  getPreSignedURLForS3, it is returning a singed URL starting with the domain name as below. 

    https://s3.{bucket-name}.amazonaws.com/

    While my domain name for the S3 bucket in console is as below

    https://{bucket-name}.s3.us-east-1.amazonaws.com/

    Does anybody know, why the function returns the URL an incorrect format. I am passing the region parameter as "us-east-1". Or how can I fix/correct this?

  • v1.3.5 Release Notes
    • Security Updates

  • in reply to VKS

    Not sure if that is possible, you may got some help on S3 forums. Since the web api response is a redirect, the extra headers don't do anything. 

  • in reply to Mike Cichy

    Thank Mike ! I am able to download file now...but one more challenge i am facing is that I need to rename the file which is being getting download from presigned URL.I try to add extra header

    Content-Disposition: attachment; filename="test.txt"

    But it is not working

    Any suggestion ?
  • in reply to Rohit Mehta

    Why are you linking to an integration object? The link needs to be to the web api, otherwise the integration object runs and generates the link once - the web api never reevaluates again.

    You need a link to the web api with a doc id as param, and a redirect and the URL in the Location header.

    Some helpful background reading: en.wikipedia.org/.../HTTP_302

  • in reply to Rohit Mehta

          I am facing the same issue ,link is working fine for the first time but after that ,link is giving timeout error....I have generated presigned URL in web api and that web api is being called from interface in safelink .My requirement is to allow user to download document  any number of time...link should be available all the time.Could you please help here. and code sample ?

© 2025 Appian. All rights reserved.
We want to hear from you! Submit a review on Gartner or G2.