AWS

Overview

The AWS connector enables your AI Colleagues to integrate with your organization's Amazon Web Services (AWS) platform, facilitating automated cloud storage management, secure file sharing, and URL generation workflows.

Amazon Web Services (AWS) is a comprehensive, evolving cloud computing platform provided by Amazon, offering a mix of infrastructure as a service (IaaS), platform as a service (PaaS), and packaged software as a service (SaaS). The AWS connector allows Leena AI to automate cloud storage workflows, generate secure pre-signed URLs for S3 objects, and interact with AWS S3 seamlessly.

API Details

Leena AI integrates with AWS via REST APIs using the AWS SDK.

Documentation link: https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html

Setup

The AWS connector uses Access Key authentication with Access Key ID and Secret Access Key credentials.


Prerequisites

Before setting up the AWS connector, ensure you have:

  • Administrator access to your AWS Management Console
  • Access to AWS Identity and Access Management (IAM)
  • Ability to create IAM users and access keys in AWS
  • Access to your Leena AI workspace with connector management permissions
  • S3 bucket(s) with appropriate permissions configured

Get credentials

Here is how to create AWS Access Keys in the AWS Management Console:

  1. Log in to the AWS Management Console (ensure you're signed in as an admin or IAM user with appropriate permissions).
  2. Navigate to IAM Console:
    1. In the AWS Console home page, search for IAM in the top search bar
    2. Click on IAM (Manage access to AWS resources)
  3. Create or Select IAM User:
    1. In the left sidebar, click on Users
    2. Either select an existing IAM user or click Add users to create a new user
    3. If creating a new user, enter a user name and proceed with permission configuration
  4. Attach Required Permissions:
    1. For S3 access, attach a policy with appropriate S3 permissions
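    2. You can use AmazonS3FullAccess for full access or create a custom policy for specific bucket access. AmazonS3FullAccess allows every S3 action on every bucket in the account, so a custom policy limits what the access key can reach if it is ever exposed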
    3. Example custom policy for specific bucket:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListBucket",
            "s3:GetObject",
            "s3:PutObject"
          ],
          "Resource": [
            "arn:aws:s3:::YOUR_BUCKET_NAME",
            "arn:aws:s3:::YOUR_BUCKET_NAME/*"
          ]
        }
      ]
    }
  5. Generate Access Keys:
    1. Inside the selected user's page, click on the "Security credentials" tab
    2. Scroll down to the "Access keys" section
    3. Click on "Create access key"
    4. For use case, select "Third-party service" or "Other"
    5. Click Next and optionally add a description tag
    6. Click "Create access key"
  6. Save and Note Credentials:
    1. Your Access Key ID and Secret Access Key will be displayed
    2. Click "Download .csv file" to save your credentials securely
    3. Important: The Secret Access Key is only shown once during creation. If you lose it, you must create a new access key

Add connection

Here is how to add a connection on Leena AI:

  1. Log in to your Leena AI workspace
  2. Navigate to Settings > Integrations
  3. Search for "AWS" and select it from the list to add a new connector
  4. Start configuring the connector
    1. Access Key Id: AWS IAM user access key ID
    2. Secret Access Key: AWS IAM user secret access key
  5. Save Configurations
    1. Click Save/Connect in Leena AI for AWS connector setup
    2. The connector will be saved and ready for use

Actions

The following actions are supported for the AWS connector:

S3 Get Public Url

Generates a public URL for an object stored in an AWS S3 bucket. When a user asks for one, the Agent can invoke the skill (workflow) designed to construct a public URL for an S3 object.

This action is useful for easily sharing public assets like images, documents, or other media without needing complex access controls. For this link to work, the object's permissions in AWS S3 must be configured for public read access.


Input Parameters

Here are the input parameters required to set up this action:

Mandatory

| Name | Description |
| --- | --- |
| Region | The AWS region where the S3 bucket is hosted (e.g., us-west-2) |
| Key | The object's key (full path and filename) in the S3 bucket |
| Bucket | The name of the S3 bucket containing the object |

Here is a sample JSON input:

{
  "region": "us-west-2",
  "key": "documents/report.pdf",
  "bucket": "my-company-bucket"
}

Response

Upon successful execution, the action returns:

  • Success status (boolean)
  • Public URL in the format: https://<bucket>.s3.<region>.amazonaws.com/<key>

Example response:

{
  "success": true,
  "data": "https://my-company-bucket.s3.us-west-2.amazonaws.com/documents/report.pdf"
}

S3 Get Pre Sign Url

Generates a secure, time-limited pre-signed URL for an object stored in an AWS S3 bucket. When a user asks for one, the Agent can invoke the skill (workflow) designed to create a temporary access URL for private S3 objects.

A pre-signed URL grants temporary access to a specific S3 object without requiring the user to have AWS credentials. This is ideal for securely sharing sensitive documents, enabling temporary file downloads, or allowing time-restricted access to private bucket contents. Here are some common use cases:

  • Secure Document Sharing: Share confidential files with external parties for a limited time
  • Temporary Downloads: Allow users to download files without exposing AWS credentials
  • Time-Restricted Access: Provide access that automatically expires after a defined period
  • Controlled File Distribution: Distribute files while maintaining security and access tracking

Input Parameters

Here are the input parameters required to set up this action:

Mandatory

| Name | Description |
| --- | --- |
| Region | The AWS region where the S3 bucket is hosted (e.g., us-west-2) |

Optional

| Name | Description |
| --- | --- |
| Type | The type of S3 operation to sign. Options: GET (for generating a download link) - Default, PUT (for generating an upload link - not yet implemented) |
| Key | The object's key (full path and filename) in the S3 bucket. Required when Type is GET |
| Bucket | The name of the S3 bucket containing the object. Required when Type is GET |
| Expiry Time (in Seconds) | The duration in seconds for which the pre-signed URL is valid. Default is 86400 (24 hours) |

Here are sample JSON inputs:

// Basic Pre-signed URL (24 hour expiry)

{
  "region": "us-east-1",
  "commandType": "GET",
  "key": "confidential/contract.pdf",
  "bucket": "secure-documents-bucket"
}

// Pre-signed URL with Custom Expiry (1 hour)

{
  "region": "us-west-2",
  "commandType": "GET",
  "key": "reports/quarterly-report.xlsx",
  "bucket": "finance-bucket",
  "expiryTime": 3600
}

// Pre-signed URL with Extended Expiry (7 days)

{
  "region": "eu-west-1",
  "commandType": "GET",
  "key": "shared/presentation.pptx",
  "bucket": "marketing-assets",
  "expiryTime": 604800
}
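
How the expiry and signature in such a URL are bound together, as an added example that is not Leena AI's or the AWS SDK's code: a standard-library sketch of SigV4 query signing for an S3 GET. `presign_get` and its parameters are names chosen here, the credentials are the AWS documentation's example key pair, and 604800 seconds is the SigV4 maximum lifetime.

```python
import hashlib
import hmac
from datetime import datetime, timezone
from urllib.parse import quote

MAX_EXPIRY = 604800  # SigV4 caps pre-signed URL lifetime at 7 days
# AWS documentation example credentials (not real keys)
DOC_ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE"
DOC_SECRET_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def presign_get(access_key, secret_key, region, bucket, key, expiry=86400, now=None):
    """Hypothetical helper: build a SigV4 pre-signed GET URL for bucket/key."""
    if not 1 <= expiry <= MAX_EXPIRY:
        raise ValueError("expiry must be 1..604800 seconds")
    amz_date = (now or datetime.now(timezone.utc)).strftime("%Y%m%dT%H%M%SZ")
    scope = f"{amz_date[:8]}/{region}/s3/aws4_request"
    host = f"{bucket}.s3.{region}.amazonaws.com"
    path = "/" + quote(key, safe="/-_.~")
    params = {
        "X-Amz-Algorithm": "AWS4-HMAC-SHA256",
        "X-Amz-Credential": f"{access_key}/{scope}",
        "X-Amz-Date": amz_date,
        "X-Amz-Expires": str(expiry),  # part of the signed query string
        "X-Amz-SignedHeaders": "host",
    }
    query = "&".join(f"{k}={quote(v, safe='-_.~')}" for k, v in sorted(params.items()))
    # Canonical request: method, path, query, headers, signed headers, payload hash
    canonical = "\n".join(["GET", path, query, f"host:{host}", "", "host", "UNSIGNED-PAYLOAD"])
    digest = hashlib.sha256(canonical.encode()).hexdigest()
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope, digest])
    # The signing key is derived from the secret, then date, region and service
    signing_key = ("AWS4" + secret_key).encode()
    for part in scope.split("/"):
        signing_key = _hmac(signing_key, part)
    signature = hmac.new(signing_key, to_sign.encode(), hashlib.sha256).hexdigest()
    return f"https://{host}{path}?{query}&X-Amz-Signature={signature}"


if __name__ == "__main__":
    fixed = datetime(2025, 1, 1, 12, 0, 0, tzinfo=timezone.utc)  # constructed timestamp
    print(presign_get(DOC_ACCESS_KEY, DOC_SECRET_KEY, "us-east-1",
                      "secure-documents-bucket", "confidential/contract.pdf", now=fixed))
```

Because X-Amz-Expires is inside the signed query string, editing it in a finished URL invalidates the signature; a different lifetime requires signing again with the secret key.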

Response

Upon successful execution, the action returns:

  • Success status (boolean)
  • Pre-signed URL with cryptographic signature and expiration parameters

Example response:

{
  "success": true,
  "data": "https://secure-documents-bucket.s3.us-east-1.amazonaws.com/confidential/contract.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=...&X-Amz-Date=...&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Signature=..."
}
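
What a URL of this shape reveals to anyone who sees it in a log, ticket or chat transcript, as an added example that is not part of the connector: a standard-library check that decodes the signing key ID and expiry and flags long-lived or still-valid links. `inspect_presigned_url`, the one-hour policy cap and the sample URL (AWS documentation example key ID, placeholder signature) are assumptions made for this sketch.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample: AWS documentation example key ID, placeholder signature
SAMPLE_URL = (
    "https://secure-documents-bucket.s3.us-east-1.amazonaws.com/confidential/contract.pdf"
    "?X-Amz-Algorithm=AWS4-HMAC-SHA256"
    "&X-Amz-Credential=AKIAIOSFODNN7EXAMPLE%2F20250101%2Fus-east-1%2Fs3%2Faws4_request"
    "&X-Amz-Date=20250101T120000Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host"
    "&X-Amz-Signature=" + "0" * 64
)


def inspect_presigned_url(url, now, max_lifetime=3600):
    """Hypothetical helper: decode a SigV4 pre-signed S3 URL and list findings."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    needed = ("X-Amz-Credential", "X-Amz-Date", "X-Amz-Expires", "X-Amz-Signature")
    if any(name not in q for name in needed):
        raise ValueError("not a SigV4 pre-signed URL")
    # Credential scope: <access key id>/<date>/<region>/<service>/aws4_request
    access_key_id, _, region, _, _ = q["X-Amz-Credential"].split("/")
    signed_at = datetime.strptime(q["X-Amz-Date"], "%Y%m%dT%H%M%SZ")
    signed_at = signed_at.replace(tzinfo=timezone.utc)
    lifetime = int(q["X-Amz-Expires"])
    expires_at = signed_at + timedelta(seconds=lifetime)
    findings = []
    if lifetime > max_lifetime:  # max_lifetime is a local policy value, assumed here
        findings.append(f"lifetime {lifetime}s exceeds policy cap {max_lifetime}s")
    if now < expires_at:
        findings.append("still valid: any holder of this URL can fetch the object")
    return {
        "bucket": parts.hostname.split(".s3.")[0],
        "key": unquote(parts.path.lstrip("/")),
        "access_key_id": access_key_id,  # identifies the IAM key to audit or rotate
        "region": region,
        "expires_at": expires_at,
        "findings": findings,
    }
```

Deactivating or deleting the access key named in X-Amz-Credential invalidates the URLs it signed, even before they expire.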