Getting Started

Features

Integrations

Reference

DriftOps polls your S3 bucket on a schedule. When new files matching your pattern arrive, they are downloaded, compared against the linked contract, and drift events are created for any differences.

Prerequisites

  • An AWS account with an S3 bucket containing the files you want to monitor
  • An IAM user or role with s3:ListBucket and s3:GetObject permissions on that bucket
  • Access key ID and secret access key for the IAM identity

Create the connection

  1. Go to Cloud Connections and click New Connection.
  2. Select AWS S3 as the provider.
  3. Fill in the form:
    • Name: a label for this connection
    • Access Key ID and Secret Access Key: your IAM credentials
    • Region: the AWS region your bucket is in (e.g. us-east-1)
    • Bucket Name: the exact bucket name
    • Prefix (optional): a path prefix to scope the watch, e.g. incoming/orders/
    • File Pattern: glob pattern for files to process, e.g. *.json or *.edi
    • Contract: the contract to compare incoming files against
    • Poll Interval: how often to check for new files (in minutes, default 60)
  4. Click Save.

DriftOps immediately encrypts the credentials and stores only the encrypted form. The raw credentials are never stored or returned.

Required IAM permissions

Minimum IAM policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket"
      ],
      "Resource": "arn:aws:s3:::your-bucket-name"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::your-bucket-name/*"
    }
  ]
}

Replace your-bucket-name with your actual bucket name. DriftOps does not write to or delete from your bucket.

Configuration options

prefix

Only process files under this path.

Default: all files
file_pattern

Glob pattern matched against file names.

Default: *.json
poll_interval_minutes

How often to check for new files.

Default: 60

Prefix example: If your bucket has incoming/demo/orders/ and incoming/other/orders/, set the prefix to incoming/demo/orders/ to scope the watch to a specific partner folder.

File pattern examples:

  • *.json - all JSON files
  • *.edi - all EDI files
  • 850_*.json - JSON files starting with 850_

How polling works

On each poll cycle DriftOps:

  1. Lists files in the bucket under the configured prefix that match the file pattern.
  2. Filters to files modified after the last successful poll.
  3. Downloads each new file.
  4. Computes a SHA-256 hash of the file content.
  5. Checks if this exact content has been processed before (deduplication).
  6. If it is new, runs the comparison and creates a drift event if differences are found.
  7. Marks the file as processed.

Files are processed in modification-time order, oldest first. If a poll cycle finds more than 100 new files, processing continues in subsequent cycles.

Troubleshooting

Connection shows as critical health Check the last error message on the connection detail page. Common causes:

  • Invalid credentials or expired access key
  • Bucket name typo
  • IAM permissions missing s3:ListBucket
  • Wrong region configured

Files are not being processed

  • Confirm the file pattern matches your actual file names
  • Check that the prefix ends with / if you are using a folder path
  • Verify the files have a modification time after the connection was created

Same file processed multiple times This should not happen due to content-hash deduplication. If you see it, check whether the file content is changing slightly between writes. DriftOps deduplicates by SHA-256 hash of the content, not by file name.

Something wrong? Email sales@driftops.io