Search documentation...


Amazon Web Services


Hightouch's AWS integration powers several features:

  • External Storage via S3
  • The Athena source
  • The S3 source
  • The S3 destination


To start the process of connecting your AWS account to Hightouch, navigate to your Integration Settings. Under Cloud Providers, click Add Cloud Provider, and select Amazon Web Services.

Give your Credential a name, then select either Cross-Account Role or Access Key.

Cross-account role

Cross-account roles are a mechanism provided by AWS to allow you to grant secure access to Hightouch without requiring that you hand over sensitive secrets like Secret Access Keys.

The Hightouch UI will display an Account ID and a randomly generated External ID, as shown below, which must be plugged into an IAM Role you create in your AWS account. Store these values for future reference.

Neither the Account ID nor the External ID are secrets, so don't worry about keeping them somewhere secure.

  1. From your AWS console, navigate to IAM > Roles and click Create Role.
  2. Under Select type of trusted entity, choose Another AWS account.
  3. Proceed to attach permissions to the role, choose a name, then create the role.
    • The exact permission policies you attach depend on which Hightouch features you intend to use. Consult the documentation for those services for further guidance.
  4. Copy the Role ARN from AWS IAM and paste it into the Role ARN field in Hightouch. Click Create to complete the process.

For more information, read AWS's tutorial on delegating access cross-account using IAM Roles.

Access key

The Access Key access type allows you to configure Hightouch to use an IAM user by providing the user's Access Key ID and Secret Access Key.

If you need help generating these keys, consult the IAM article on this topic.

Once you have an Access Key ID and Secret Access Key, paste those values into the form and click Create.

    Need help?

    Our team is relentlessly focused on your success. We're ready to jump on a call to help unblock you.

    • Connection issues with your data warehouse?
    • Confusing API responses from destination systems?
    • Unsupported destination objects or modes?
    • Help with complex SQL queries?

    Feature Requests?

    If you see something that's missing from our app, let us know and we'll work with you to build it!

    We want to hear your suggestions for new sources, destinations, and other features that would help you activate your data.

On this page

OverviewSetupCross-account roleAccess key

Was this page helpful?