Configure AWS with Named Credentials

Setting Up S-Docs Amazon S3 Connection

S-Docs connects seamlessly with Amazon Simple Storage Service (Amazon S3), meaning that you can generate documents securely on the Salesforce platform and then upload them to an S3 bucket -- all without ever leaving Salesforce. This article will provide you with step-by-step instructions for configuring the S-Docs Amazon S3 connection. For the purposes of this guide, we'll assume that you have already created an Amazon S3 account and an Amazon S3 bucket.

Note: This connection supports uploading documents to one S3 bucket at a time. To change buckets in the future, you will need to resubmit your Amazon S3 credentials.

Gather AWS Information

Create an Access Key

  1. Open the IAM console at
  2. On the navigation menu, choose Users.
  3. Choose your IAM user name (not the check box).
  4. Open the Security credentials tab, and then choose Create access key.
  5. To see the new access key, choose Show. Your credentials resemble the following:
    • Secret Access Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  6. Save these values. To download the key pair, choose Download .csv file. Store the .csv file with keys in a secure location.

Gather Bucket Information

  1. In to the AWS Management Console, open the Amazon S3 console at
  2. In the Buckets list, locate your preferred bucket. Copy and save the S3 Bucket Name and its AWS Region

Create External Credential

  1. In Salesforce, navigate to Setup > Security > Named Credentials > External Credentials tab and click New

  2. Fill in the following information:

    Label: s3Upload
    Name: s3Upload
    Authentication Protocol: AWS Signature Version 4
    Service: s3
    Region: Client’s AWS region
    AWS Account ID: Client’s AWS Account ID

Create Named Principal

  1. In Salesforce, navigate to Setup > Security > Named Credentials > External Credentials tab > click s3Upload > Under Principals click New (Typically you are in the External Credential page after creation)

  2. Fill in the following information:

    Parameter Name: s3Upload
    Sequence Number: 1
    Access Key: Client’s AWS Access Key
    Access Secret: Client’s Secret Access Key

Create Named Credential

  1. In Salesforce, navigate to Setup > Security > Named Credentials and click New

  2. Fill in the following information

    Label: s3Upload
    Name: s3Upload
    URL: https://[BUCKET_NAME].s3.[REGION]
    External Credential: Choose s3Upload in dropdown
    Generate Authorization Header: Checked
    Allowed Namespaces for Callouts: SDOC

Create and Assign Permission Set to User

The permission set should contain the following:

    1. Access to Read, Create, Edit, Delete for the object: User External Credentials

    2. External Credential Principal Access - “s3Upload - s3Upload”

For more information on User External Credentials, reference the Salesforce guide here.

Add the Amazon S3 Enabled Field to the Template Detail Page

To specify which templates can be uploaded to Amazon S3, you need to add the Amazon S3 Enabled checkbox field to your template record detail page. From the setup menu, navigate to the Object Manager and find the SDoc Template object.

Navigate to the Page Layouts tab and click Edit for the SDoc Template layout.

Find the Amazon S3 Enabled field in the Fields section of the layout editor. Drag it down into the SDoc Template Detail section. Then, click Save.

Upload Documents to S3

To enable a template for upload to Amazon S3, simply check the Amazon S3 Enabled checkbox on the template detail page.

When you generate this template, you'll now see an Upload Selected Documents to S3 button on the Generated Documents page.

You will receive a success message when your document is successfully uploaded.

Note: The document will be both uploaded to S3 and saved in the S-Docs related list on your base record. If you don't want your documents to be saved in Salesforce, you can configure a trigger that removes them when they are sent to S3.

Automatically Uploading Documents to S3

Although the default S-Docs & Amazon S3 connection allows you to choose whether or not a document should be uploaded to your S3 bucket, you can also modify this configuration so that documents are automatically uploaded to S3 whenever they are generated. To do so, simply modify your S-Docs button URL and add the autoS3='true' parameter to the end. For example, an S-Docs Account button with the automatic S3 upload feature would look like this:

{!URLFOR('/apex/SDOC__SDCreate1', null,[id=Account.Id, Object='Account', autoS3='true'])}
Note: Documents generated via automation (S-Docs Jobs) that have the S3 Enabled field checked will always be uploaded to Amazon S3 after generation. This includes documents generated with the S-Docs Mass Merge (batch) feature.

Was this helpful?