Supported File Transfer Mechanisms

For batch file processing, the Spherical platform supports three file transfer options for our clients: AWS S3 buckets, Google Cloud Storage, and sFTP transfers.

Note: If you are sending plain-text or SHA-256 encoded emails, then it is required you send your file to a Lotame hosted AWS S3 bucket.

Client Hosted S3 Bucket

For S3 transfers, Spherical will look for files daily on an S3 bucket provided by the client. Spherical supports retrieving files using our Lotame External ARN. To support this, please perform the following on your S3 bucket.

  • Allow access to the Lotame ARN of arn:aws:iam::311305431179:role/LotameS2SExternalRole-us-east-1

  • Allow the following S3 actions to the above ARN:

    • s3:ListBucket

    • s3:GetObject

    • s3:DeleteObject

    • s3:PutObject

An example S3 bucket policy clause is below as an example:

{
  "Sid": "AllowLotameRead",
  "Effect": "Allow",
  "Principal": {
    "AWS": "arn:aws:iam::311305431179:role/LotameS2SExternalRole-us-east-1"
  },
  "Action": [
    "s3:ListBucket",
    "s3:GetObject",
    "s3:DeleteObject",
    "s3:PutObject"
  ],
  "Resource": [
    "arn:aws:s3:::<your bucket name>",
    "arn:aws:s3:::<your bucket name>/<base path for Lotame files>/*"
  ]
}

Lotame requires clients to provide the following:

  • The S3 bucket name where Spherical will retrieve the files.

  • As noted below, a directory structure is based on the root of the s3 bucket directory you provided above.

    • <clientDir1>/<clientDir2> Your Technical Account Manager will coordinate the naming of these two directories. Once created, they are static.
    • <clientDir1>/<clientDir2>/archive: Once processed, the data files are moved to this static folder.
      • Note: Clients hosting their own S3 buckets are responsible for managing and purging the archive folder at their own discretion. 
    • <clientDir1>/<clientDir2>/YYYYMMDD: This directory should be created daily by the process on your side that deposits the day's files.

Lotame requires clients to provide the following:

  • ARN of the AWS IAM role that will be used to access the bucket.

Lotame will return:

  • AWS S3 bucket name
  • A directory structure under that bucket that looks like the following

    • <clientDir1>/<clientDir2> Your Technical Account Manager will coordinate the naming of these two directories. Once created, they are static.
    • <clientDir1>/<clientDir2>/YYYYMMDD: This directory should be created daily by the process on your side that deposits the day's files.

Lotame supports retrieving files from your Google Cloud Storage bucket. To support, please provide Lotame with the following:

  • Storage Bucket Name & Path
  • Google Cloud Project ID
  • Service Account HMAC Secret & Access Keys
    • Permissions on the account that allows "Storage Object Admin"

Please share the HMAC keys securely. Reach out to your Lotame account representative for options.

sFTP Transfer

To host the files on your sFTP server, complete the following:

  • Apply the Lotame SSH key below to your server's trusted keys.
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwbD73LBTWKPQv4nLYPreilFEfgkehJsgApLxNbcJCsmATDBcEshL/pxXkhndScaQJ49ZGNbQf4dnfQAShjweJRwfpNFXyrgkGg/rCiv+XHVOZgyiRiWs4XvyH/yD72pGNse2ky9DLRMMRT2Mmikf7uAPvJMs1+yhYb7mJemLLeLhjQHrv6AirXkOUIl9nm2Xu2r7WebTsHV85e9q8qh2STEJRX/BYi4YeXA2NaJRs+6mX3uM3XuuUmHbCetm0XCxymNUujNqbxhaoKtvIySk80l5HAmqqULa/mEjZEgBrzRPJ0S+Ell8YeQbX47AkoyDulAXt+LysCFeOkXE7ImJjQ== ingestor@bat001.iad.crwdcntrl.net
  • Provide Lotame with the DNS or IP address of the sFTP server.
  • Provide Lotame with the username that will allow our SSH key to log in.
  • Create a directory structure as noted below based on the root of the username's path.
    • <clientDir1>/<clientDir2> Your Technical Account Manager will coordinate naming these two directories. Once created, they are static.
    • <clientDir1>/<clientDir2>/archive: Once processed, the data files are moved to this static folder.
      • Note: Clients hosting their own sFTP buckets are responsible for managing and purging the archive folder at their own discretion. 
    • <clientDir1>/<clientDir2>/YYYYMMDD: This directory should be created daily by the process on your side that deposits the day's files.

Lotame provides an sFTP server for file transfer. When you provide an SSH public key (in RSA format), Lotame will provide the sFTP user account and directory path to drop the files. 

sFTP processing requires a specific directory format, as described below.

  • <clientDir> Your Technical Account Manager will coordinate the naming of this directory. Once created, the directory is static.
  • <clientDir>/<YYYYMMDD>: This directory should be created daily by the process on your side that deposits the day's files.