Connect to Amazon S3 and S3-compatible services
Learn how to connect Amazon S3 and S3-compatible services to Retool.
You can use the Amazon S3 integration to create a resource and make it available in Retool. Once complete, your users can write queries that interact with Amazon S3 data.
Requirements
The Amazon S3 integration requirements depend on whether you have a cloud-hosted or self-hosted Retool organization. You may also need to make Amazon S3 configuration changes before creating the resource.
- Cloud-hosted organizations
- Self-hosted organizations
Sufficient user permissions to create resources
Allow Retool to access the data source
Amazon S3 settings and authentication
Before you create a resource, you must configure CORS to allow Retool access to write or modify data. The CORS configuration depends on your use case.
Amazon S3
[
{
"AllowedOrigins": ["https://<your-domain>.retool.com"], // FQDN of your Retool deployment.
"AllowedMethods": ["PUT", "POST", "DELETE"],
"AllowedHeaders": ["*"]
},
{
"AllowedOrigins": ["*"],
"AllowedMethods": ["GET"]
}
]
Create access credentials
S3-compatible services
Retool authenticates with S3-compatible services using access keys. Generate access credentials and provide them as values for AWS Access Key ID and AWS Secret Key ID.
Retool requires GET, PUT, POST, and DELETE. Set the origin to your Retool organization URL.
Sufficient user permissions to create resources
Allow your deployment to access the data source
Amazon S3 settings and authentication
Before you create a resource, you must configure CORS to allow Retool access to write or modify data. The CORS configuration depends on your use case.
Amazon S3
[
{
"AllowedOrigins": ["https://retool.example.com"], // FQDN of your self-hosted Retool deployment.
"AllowedMethods": ["PUT", "POST", "DELETE"],
"AllowedHeaders": ["*"]
},
{
"AllowedOrigins": ["*"],
"AllowedMethods": ["GET"]
}
]
Create access credentials
S3-compatible services
Retool authenticates with S3-compatible services using access keys. Generate access credentials and provide them as values for AWS Access Key ID and AWS Secret Key ID.
Retool requires GET, PUT, POST, and DELETE. Set the origin to your Retool organization URL.
Configure the CORS policy
- Cloud-hosted organizations
- Self-hosted organizations
Before you create a resource, you must configure CORS to allow Retool access to write or modify data. The CORS configuration depends on your use case.
Amazon S3
[
{
"AllowedOrigins": ["https://<your-domain>.retool.com"], // FQDN of your Retool deployment.
"AllowedMethods": ["PUT", "POST", "DELETE"],
"AllowedHeaders": ["*"]
},
{
"AllowedOrigins": ["*"],
"AllowedMethods": ["GET"]
}
]
Create access credentials
S3-compatible services
Retool authenticates with S3-compatible services using access keys. Generate access credentials and provide them as values for AWS Access Key ID and AWS Secret Key ID.
Retool requires GET, PUT, POST, and DELETE. Set the origin to your Retool organization URL.
Before you create a resource, you must configure CORS to allow Retool access to write or modify data. The CORS configuration depends on your use case.
Amazon S3
[
{
"AllowedOrigins": ["https://retool.example.com"], // FQDN of your self-hosted Retool deployment.
"AllowedMethods": ["PUT", "POST", "DELETE"],
"AllowedHeaders": ["*"]
},
{
"AllowedOrigins": ["*"],
"AllowedMethods": ["GET"]
}
]
Create access credentials
S3-compatible services
Retool authenticates with S3-compatible services using access keys. Generate access credentials and provide them as values for AWS Access Key ID and AWS Secret Key ID.
Retool requires GET, PUT, POST, and DELETE. Set the origin to your Retool organization URL.
Configure the resource
Sign in to your Retool organization and navigate to the Resources tab. Click Create new > Resource, then select Amazon S3.
Configuration
Specify the name, location, and description to use for your Amazon S3 resource. Retool displays the resource name and type in query editors to help users identify them.
Provide the following configuration settings to create the resource. Depending on how your data source is configured, you may also need to provide optional settings for Retool to connect.
You can automatically populate resource configuration fields by importing an AWS-hosted data source.
- Cloud-hosted organizations
- Self-hosted organizations
Name
Description
Bucket name
Default S3 ACL for uploaded files
Override default outbound Retool region
Name
Description
Bucket name
Default S3 ACL for uploaded files
Authentication
The Amazon S3 integration supports the following authentication methods. Depending on which authentication method you use, you may need to make changes to your Amazon S3 configuration.
- Cloud-hosted organizations
- Self-hosted organizations
AWS Identity and Access Management
AWS Identity and Access Management
Test the connection
Click Test Connection to verify that Retool can successfully connect to the data source. If the test fails, check the resource settings and try again.
Testing a connection only checks whether Retool can successfully connect to the resource. It cannot check whether the provided credentials have sufficient privileges or can perform every supported action.
Save the resource
Click Create resource to complete the setup. You can then click either Create app to immediately start building a Retool app or Back to resources to return to the list of resources.
Next steps
Your Amazon S3 resource is now ready to use. Check out related queries and code documentation to learn how to interact with Amazon S3 data.
Queries and code quickstart
Fundamental concepts of queries and code.
Resource query tutorial
Hands-on introduction to querying APIs and databases.
Amazon S3 query tutorial
Hands-on introduction to querying Amazon S3 data.