S3 Universal Credential Sunset
ChannelMix has updated authorization for AWS S3 buckets to be IAM Role based. The use of Long-Term AWS keys has been sunset for our general S3 access.
How does this affect our users?
No actions are required for any client. There are two notable changes:
- Users setting up new clients will no longer see the ‘Alight Universal S3’ credential be associated with the new clients.
- ChannelMix now supports S3 connections using IAM Roles created and managed on the client side. This connection setup requires a ticket submission at the time of this post.
Why has this change been made?
Two main reasons:
- Role based access is considered best practice, granting more flexibility, control and security than long term access keys.
- The removal of S3 Universal credential means clients using their own s3 credentials will now have a One to One, Profile to Credential Type, relationship for S3. This is our Policy for all other Credential Type: Profile relationships.
If you have any questions please reach out to your CSM, and follow ChannelMix News for product updates!