Overview

Buyer Cloud can deliver batch log data to customers' Amazon S3 accounts with the proper ACL permissions being added to your bucket policy. 

Please note the following information regarding Buyer Cloud Data Center locations and batch log consumption: 

• US-EAST-1, US-WEST-2, EU-WEST-1, and AP-NORTHEAST-1
• If you deploy bidding instances to multiple regions, you must co-locate your buckets in each respective region to consume batch Auction Logs and Bid Logs

• A single S3 bucket in any region can adequately store all of the following data types:

  1. Batch Wins
  2. Conversions
  3. Attributed Conversions
  4. IP-Attributed Conversions
  5. AdX Loss Logs
  6. Ghost Wins
  7. Ghost Attributed Conversions
  8. Ghost IP-Attributed Conversions
  9. Vendor Fees logs

Steps

1. Log into your AWS account on the AWS Management Console and go to the S3 tab.
   
   
2. Create a new bucket, in the US Standard S3 region.
   
   
   • Be sure to disable the “Requester Pays” feature as this will prevent Buyer Cloud from placing log files into your bucket.
   • Make sure the bucket name is a DNS-compliant address. For example, the name should not include any underscores; use hyphens instead. For more information on S3 bucket name guidelines, see AWS Bucket Restriction and Limitation documentation.
   
   
   
   
   
   
3. Proceed with all AWS default options, (including ensuring that your bucket is not made public). Create the S3 bucket with these settings.
   
   
4. Navigate back to your new bucket and click on it to edit. Go to the Permissions tab and click Bucket Policy:
   
   
   
   
5. In the Bucket Policy Editor pane, paste the following S3 policy object, editing it to replace <customer_bucket_name> with your customer bucket name and <folder/for/beeswax> with your folder path. Click Save. 
   

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Sid": "AllowListBucketOfASpecificUserPrefix",
               "Effect": "Allow",
               "Principal": {
                   "AWS": "arn:aws:iam::164891057361:role/bee-prod"
               },
               "Action": "s3:ListBucket",
               "Resource": "arn:aws:s3:::<customer_bucket_name>",
               "Condition": {
                   "StringLike": {
                       "s3:prefix": "<folder/for/beeswax>/*"
                   }
               }
           },
           {
               "Sid": "AllowUserSpecificActionsOnlyInTheSpecificUserPrefix",
               "Effect": "Allow",
               "Principal": {
                   "AWS": "arn:aws:iam::164891057361:role/bee-prod"
               },
               "Action": "s3:*",
               "Resource": "arn:aws:s3:::<customer_bucket_name>/<folder/for/beeswax>/*"
           }
       ]
   }

Your S3 bucket is now properly enabled.

Caveat: Buyer Cloud default recommendation for client s3 buckets is Default Encryption = None. However, if encryption is a requirement then the recommendation from Buyer Cloud is to utilize Default Encryption = AES-256; Buyer Cloud does not currently support KMS encryption and log-distribution will be denied when KMS encryption is configured.