Setting Up S-Docs Amazon S3 Connection
S-Docs connects seamlessly with Amazon Simple Storage Service (Amazon S3), meaning that you can generate documents securely on the Salesforce platform and then upload them to an S3 bucket -- all without ever leaving Salesforce. This article will provide you with step-by-step instructions for configuring the S-Docs Amazon S3 connection. For the purposes of this guide, we'll assume that you have already created an Amazon S3 account and an Amazon S3 bucket.
Gather AWS Information
Create an Access Key
- Open the IAM console at https://console.aws.amazon.com/iam/.
- On the navigation menu, choose Users.
- Choose your IAM user name (not the check box).
- Open the Security credentials tab, and then choose Create access key.
- To see the new access key, choose Show. Your credentials resemble the following:
- Access Key ID: AKIAIOSFODNN7EXAMPLE
- Secret Access Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
- Save these values. To download the key pair, choose Download .csv file. Store the .csv file with keys in a secure location.
Gather Bucket Information
- In to the AWS Management Console, open the Amazon S3 console at https://console.aws.amazon.com/s3/
- In the Buckets list, locate your preferred bucket. Copy and save the S3 Bucket Name and its AWS Region
Create External Credential
-
In Salesforce, navigate to Setup > Security > Named Credentials > External Credentials tab and click New
-
Fill in the following information:
Label: s3Upload
Name: s3Upload
Authentication Protocol: AWS Signature Version 4
Service: s3
Region: Client’s AWS region
AWS Account ID: Client’s AWS Account ID
Create Named Principal
-
In Salesforce, navigate to Setup > Security > Named Credentials > External Credentials tab > click s3Upload > Under Principals click New (Typically you are in the External Credential page after creation)
-
Fill in the following information:
Parameter Name: s3Upload
Sequence Number: 1
Access Key: Client’s AWS Access Key
Access Secret: Client’s Secret Access Key
Create Named Credential
-
In Salesforce, navigate to Setup > Security > Named Credentials and click New
-
Fill in the following information
Label: s3Upload
Name: s3Upload
URL: https://[BUCKET_NAME].s3.[REGION].amazonaws.com
External Credential: Choose s3Upload in dropdown
Generate Authorization Header: Checked
Allowed Namespaces for Callouts: SDOC
Create and Assign Permission Set to User
The permission set should contain the following:
-
-
Access to Read, Create, Edit, Delete for the object: User External Credentials
-
External Credential Principal Access - “s3Upload - s3Upload”
-
For more information on User External Credentials, reference the Salesforce guide here.
Add the Amazon S3 Enabled Field to the Template Detail Page
To specify which templates can be uploaded to Amazon S3, you need to add the Amazon S3 Enabled checkbox field to your template record detail page. From the setup menu, navigate to the Object Manager and find the SDoc Template object.
Navigate to the Page Layouts tab and click Edit for the SDoc Template layout.
Find the Amazon S3 Enabled field in the Fields section of the layout editor. Drag it down into the SDoc Template Detail section. Then, click Save.
Upload Documents to S3
To enable a template for upload to Amazon S3, simply check the Amazon S3 Enabled checkbox on the template detail page.
When you generate this template, you'll now see an Upload Selected Documents to S3 button on the Generated Documents page.
You will receive a success message when your document is successfully uploaded.
Automatically Uploading Documents to S3
Although the default S-Docs & Amazon S3 connection allows you to choose whether or not a document should be uploaded to your S3 bucket, you can also modify this configuration so that documents are automatically uploaded to S3 whenever they are generated. To do so, simply modify your S-Docs button URL and add the autoS3='true' parameter to the end. For example, an S-Docs Account button with the automatic S3 upload feature would look like this:
{!URLFOR('/apex/SDOC__SDCreate1', null,[id=Account.Id, Object='Account', autoS3='true'])}