Integrate with Amazon S3

​

Before you begin

• A Pinecone account.
• An Amazon S3 bucket.

​

1. Create an IAM policy

1. In the navigation pane, click Policies.
2. Click Create policy.
3. In Select a service section, select S3.
4. Select the following actions to allow:
   • ListBucket: Permission to list some or all of the objects in an S3 bucket. Required for importing data and exporting audit logs.
   • GetObject: Permission to retrieve objects from an S3 bucket. Required for importing data.
   • PutObject: Permission to add an object to an S3 bucket. Required for exporting audit logs.
5. In the Resources section, select Specific.
6. For the bucket, specify the ARN of the bucket you created. For example: arn:aws:s3:::example-bucket-name
7. For the object, specify an object ARN as the target resource. For example: arn:aws:s3:::example-bucket-name/*
8. Click Next.
9. Specify the name of your policy. For example: “Pinecone-S3-Access”.
10. Click Create policy.

​

2. Set up access using an IAM role

1. In the navigation pane, click Roles.
2. Click Create role.
3. In the Trusted entity type section, select AWS account.
4. Select Another AWS account.
5. Enter the Pinecone AWS VPC account ID: 713131977538
6. Click Next.
7. Select the policy you created.
8. Click Next.
9. Specify the role name. For example: “Pinecone”.
10. Click Create role.
11. Click the role you created.
12. On the Summary page for the role, find the ARN. For example: arn:aws:iam::123456789012:role/PineconeAccess
13. Copy the ARN. You will need to enter the ARN into Pinecone later.

​

3. Add a storage integration

1. Select your project.
2. Go to Manage > Storage integrations.
3. Click Add integration.
4. Enter a unique integration name.
5. Select Amazon S3.
6. Enter the ARN of the IAM role you created.
7. Click Add integration.

​

Next steps

• Import data from your Amazon S3 bucket into a Pinecone index.
• Configure audit logs to export logs to your Amazon S3 bucket.