Skip to content

S3 publication plugin

This publication plugin uploads reports and attachments to any S3-compatible bucket.


This plugin has a configuration file (s3publisher.yaml by default) that describes the common service configuration options.

The configuration file also specifies bucket and s3credentials.

If no configuration file is found it will default to the following values:

kind: ServiceConfig
current-context: default
- name: default
    port: 443
    ssl_context: adhoc
      token: invalid-token
    bucket: example
    s3credentials: s3credentials.json


The bucket entry in the context specifies a target bucket name. Attachments will be stored in this bucket, under a {workflow_id}/{filename} key.

S3 credentials

The specified S3 credentials file must contain 4 entries:

  • region_name: a string
  • endpoint_url: a string
  • aws_access_key_id: a string
  • aws_secret_access_key: a string

It may contain additional entries, which are not used.

If the specified credential file is missing at startup time, attachments will be ignored by this publication plugins until a proper set of credentials is provided.

If the credential file changes, there is no need to restart the plugin: it will detect the changes and use the new set of credentials.

Example S3 credential file

    "region_name": "fr-par",
    "endpoint_url": "",
    "aws_access_key_id": "my_access_key_id",
    "aws_secret_access_key": "my_secret_access_key"