Skip to main content

Overview

Data Sharing via S3 provides businesses with automated transfer of user financial data to their designated Amazon S3 buckets. This service operates on configurable schedules, ensuring businesses receive timely updates without manual intervention.

Data Extraction & Transfer Process

Process Explanation

  1. Data Sharing Scheduled: The business configures a data sharing schedule based on their requirements (e.g., daily, weekly).
  2. Cron Triggered: At the scheduled interval, a cron job is automatically triggered to initiate the data sharing process.
  3. Fetch All Users of Business: The system retrieves a list of all users associated with the business.
  4. Extract All Available Data: For each user, the system extracts all available financial data including analytics and FI (Financial Information) data (as per business requirement)
  5. Send to Business’s S3 Bucket: The extracted data is transferred to the business’s designated S3 bucket.

S3 File Structure

File Structure Explanation

The data is organized in the S3 bucket using a hierarchical folder structure:
LevelDescription
bucket_nameThe S3 bucket name shared by the business
dateDate folder for organizing data by transfer date
user_idIndividual folder for each user’s data
analytics#Analytics data file, tagged with financial information type
fi_data#Raw financial data file, tagged with financial information type

Example Path

axis-data-bucket/
└── 2024-12-24/
    └── user_12345/
        ├── analytics#DEPOSIT
        ├── analytics#EQUITIES
        ├── fi_data#MUTUAL_FUNDS
        └── fi_data#ETF

Configuration Requirements

S3 Bucket Setup

The data sharing service requires cross-account access between our system and your S3 bucket. This involves configuration on both sides:

On Your Side (Business S3 Account)

  • Bucket Name: Provide unique S3 bucket identifier
  • Bucket Policy: Configure bucket policy to allow our service access
  • Permissions: Grant PutObject and PutObjectAcl permissions to our service role
Example bucket policy structure: 
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::OUR-ACCOUNT-ID:role/moneyone-data-sharing-service-role"
    },
    "Action": ["s3:PutObject"],
    "Resource": "arn:aws:s3:::your-bucket-name/*"
  }]
}

On Our Side (MoneyOne Data Sharing Service)

  • Service Role: Our ECS task role configured with cross-account permissions
  • IAM Policy: Policy allowing write access to your specific S3 bucket

Required Information Exchange

To set up the cross-account access, we will provide:
  • Service Role ARN: Our ECS task role identifier for bucket policy configuration
  • Required Permissions: Specific S3 actions needed (PutObject)
You will provide:
  • S3 Bucket Name: Target bucket for data delivery