Follow the below steps to import a CSV data file from an Amazon S3 Bucket into MetaLocator.
The first step is to ensure your CSV files are ready and available in an Amazon S3 bucket.
Creating and Configuring the Amazon S3 Bucket
AWS recommends using IAM permissions and least-privilege policies for this type of access, and access keys are used for programmatic access to AWS resources.
Goal
Create credentials that can:
List the contents of one specific S3 bucket.
Download files from that bucket.
Not upload, delete, modify, or access other buckets.
1. Create the S3 bucket
Sign in to the AWS Console.
Go to S3.
Click Create bucket.
Enter a globally unique bucket name, for example:
my-company-download-files
Choose the AWS Region.
Leave Block all public access enabled.
Keep ACLs disabled unless you have a specific reason to use them.
Enable encryption if desired.
Click Create bucket.
2. Create an IAM policy for download-only access
Go to IAM → Policies → Create policy → JSON.
Use this policy, replacing YOUR-BUCKET-NAME with the actual bucket name:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListOnlyThisBucket",
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::YOUR-BUCKET-NAME"
},
{
"Sid": "DownloadOnlyFromThisBucket",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*"
}
]
}Example with a real bucket name:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ListOnlyThisBucket",
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::my-company-download-files"
},
{
"Sid": "DownloadOnlyFromThisBucket",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::my-company-download-files/*"
}
]
}Name the policy something like:
DownloadOnly-my-company-download-files
This grants only s3:ListBucket on the bucket itself and s3:GetObject on objects inside the bucket. AWS S3 permissions distinguish bucket-level actions from object-level actions, so both resource ARNs are needed.
3. Create an IAM user for programmatic access
Go to IAM → Users.
Click Create user.
Enter a name such as:
s3-download-only-user
Do not give the user AWS Console access unless required.
On permissions, choose Attach policies directly.
Select the policy you created:
DownloadOnly-my-company-download-files
Click Create user.
4. Create the Access Key ID and Secret Access Key
Open the IAM user you just created.
Go to the Security credentials tab.
Under Access keys, click Create access key.
Choose the use case, usually Application running outside AWS or equivalent.
Confirm the recommendation notice.
Click Create access key.
Copy or download the credentials.
You will receive:
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
Important: AWS only shows the secret access key once. Store it securely when it is created. If it is lost, you must delete the key and create a new one.
5. Test the Credentials
Login to MetaLocator
Click Locations -> Import
Choose Amazon S3
Enter your Access ID, Secret Key, Region and Bucket Name.
Provide a path if needed to indicate any sub-directory to load files from.
Click Load File List
Import Data
At this stage, if you have not uploaded any CSV files into this bucket, you will see an error that there are no CSV files available. Otherwise, if successful, the "Files" dropdown will show files available for download as shown below:
Choose a file from the "Files" list and click Next.
Click Next, and the import process will continue as usual.
Be sure to appropriately map your CSV columns to MetaLocator System columns as provided during the next step in the import process.