Documentation Index
Fetch the complete documentation index at: https://docs.unstructured.io/llms.txt
Use this file to discover all available pages before exploring further.
Enterprise Connect is available for dedicated instance customers only. Contact your Unstructured account team or Unstructured Support to have it enabled on your instance.
Enterprise Connect credential model
Enterprise Connect is an authentication method that provides workspace-level credential management for AWS connectors. When a connector runs, Unstructured uses AWS Security Token Service (STS) to assume an IAM role in your AWS account and receive temporary credentials. No credentials are stored; they expire automatically.Supported AWS connectors
Enterprise Connect supports the following AWS connectors:- AWS S3
How Enterprise Connect works
When a connector runs, Unstructured uses a verified AWS identity to obtain temporary credentials from AWS STS, without storing them.- In your AWS account, create an IAM role and attach a trust policy that permits Unstructured’s service role to assume it. The trust policy includes an external ID, a unique value you generate and provide. Because only you know this value, only your workspace can trigger the role assumption, preventing the confused deputy problem.
- When a connector runs, it assumes your IAM role using the AWS STS
AssumeRoleAPI and receives temporary, least-privilege credentials. - Unstructured uses the temporary credentials for that operation only and never stores them.
Requirements
Enterprise Connect requires the following:- A dedicated instance provisioned for your Unstructured account, with Enterprise Connect enabled. Contact your Unstructured account team or Unstructured Support to request access and have it enabled.
- An AWS account where you can create and manage IAM roles.
Configure your connector
Each connector has separate setup procedures for source and destination. Select your preferred interface (UI or API) to go to the Enterprise Connect setup instructions for your connector.A connector configured with Enterprise Connect is available only in the workspace where it was created. It is not accessible from other workspaces in your Unstructured account.