Amazon Web Services

There are many components within Redpanda Connect which utilize AWS services. You will find that each of these components contains a configuration section under the field credentials, of the format:

  profile: ""
  id: ""
  secret: ""
  token: ""
  role: ""
  role_external_id: ""

This section contains many fields and it isn’t immediately clear which of them are compulsory and which aren’t. This document aims to make it clear what each field is responsible for and how it might be used.


By explicitly setting the credentials you are using at the component level it’s possible to connect to components using different accounts within the same Redpanda Connect process.

If you are using long term credentials for your account you only need to set the fields id and secret:

  id: foo     # aws_access_key_id
  secret: bar # aws_secret_access_key

If you are using short term credentials then you will also need to set the field token:

  id: foo     # aws_access_key_id
  secret: bar # aws_secret_access_key
  token: baz  # aws_session_token

Assume a role

It’s also possible to configure Redpanda Connect to assume a role using your credentials by setting the field role to your target role ARN.

  role: fooarn # Role ARN

This does NOT require explicit credentials, but it’s possible to use both.

If you need to assume a role owned by another organization they might require you to provide an external ID, in which case place it in the field role_external_id:

  role: fooarn # Role ARN
  role_external_id: bar_id