search

segmentio / segment-docs

Segment Documentation. Powered by Jekyll.
https://segment.com/docs/
Creative Commons Attribution 4.0 International
48 stars 342 forks source link

[Content]: Amazon Kinesis Firehose Destination Configuration Guide #3720

Open joeynmq opened 1 year ago

joeynmq commented 1 year ago

What article on segment.com/docs is affected?

https://segment.com/docs/connections/destinations/catalog/amazon-kinesis-firehose/#attach-multiple-sources-to-your-iam-role

What part(s) of the article would you like to see updated?

The steps 3 & 4 under the Attach multiple sources to your IAM role section has flagged that the "sts:ExternalId": "YOUR_SEGMENT_SOURCE_ID".

However, we received some tickets from customers who were having problems connecting to Firehose destinations if they enter the Source ID to sts:ExternalId. We have then solved the issue by adding the Secret ID (as in the destination settings) to sts:ExternalId.

Screenshot 2022-10-26 at 9 45 00 AM

I would recommend updating our our docs here to avoid confusion. E.g., from "sts:ExternalId": "YOUR_SEGMENT_SOURCE_ID" to "sts:ExternalId": "YOUR_SECRET_ID"

Thanks :)

Additional information

No response

markzegarelli commented 1 year ago

Hi @joeynmq. Apologies for the delay on this one.

Would you recommend replacing the same value in this snippet as well?

 {
   "Version": "2012-10-17",
   "Statement": [
     {
       "Effect": "Allow",
       "Principal": {
         "AWS": "arn:aws:iam::595280932656:root"
       },
       "Action": "sts:AssumeRole",
       "Condition": {
         "StringEquals": {
           "sts:ExternalId": ["YOUR_SEGMENT_SOURCE_ID", "ANOTHER_SOURCE_ID", "A_THIRD_SOURCE_ID"]
         }
       }
     }
   ]
 }
joeynmq commented 1 year ago

Hi @markzegarelli, yes that would be great! I would recommend changing it from ["YOUR_SEGMENT_SOURCE_ID", "ANOTHER_SOURCE_ID", "A_THIRD_SOURCE_ID"] to ["YOUR_SEGMENT_SECRET_ID", "ANOTHER_SECRET_ID", "A_THIRD_SECRET_ID"]

Much appreciated :)