Introducing Storage Connections

Storage Connections bridges the gap between your existing data infrastructure and AI applications. Instead of uploading files one-by-one into chat interfaces or building custom integrations, simply connect your Amazon S3 buckets to Vendia and give AI agents secure access to the files they need — whether it’s product catalogs, reference documentation, images, or analytics data.

With Storage Connections, you unlock powerful AI workflows while maintaining complete control:

• Leverage Existing Infrastructure: AI agents work directly with files in your S3 buckets — no data migration required
• Maintain Control: Two-layer security (IAM + Access Policies) ensures AI agents only access what they need
• Enable Rich Workflows: AI can read context, generate reports, process images, and create new content — all within your secure infrastructure
• Scale Effortlessly: From a few reference documents to enterprise-wide data access, Storage Connections scales with your needs

Free Tier - Demo Vendia Connection

Free Tier users can explore Storage Connections immediately using the pre-configured Demo Vendia Connection that includes sample data (Airline Customer Data, Charts, Images, NYC Taxi Data, Sample Loan Mortgage Agreement) and ready-to-use prompts. No S3 bucket setup required to get started. See Free Tier Overview for details.

How It Works

Access is controlled through a powerful two-layer permission system:

1. IAM Permissions: Define the outer boundary of what operations are possible at the AWS level
2. Access Policies: Provide fine-grained control within those boundaries using glob patterns to specify exactly which files and folders AI agents can access and what operations they can perform

This architecture gives you defense-in-depth: even if an AI agent requests broad access, your IAM policies and access policies work together to enforce exactly what you intend to allow.

Getting Started

1. Plan Your Access Strategy: Determine which files and folders AI agents need to access and what operations they should perform
2. Configure IAM Permissions: Set up the appropriate IAM permissions in AWS
3. Create Storage Connection: Configure the connection in your Vendia dashboard
4. Configure Access Policies: Define fine-grained access control for AI agents using glob patterns
5. Use with AI Applications: Access your S3 files through MCP-compatible AI applications

Access Control Overview

IAM Permissions (AWS Level)

IAM permissions define what’s technically possible and act as a security boundary:

• Read Operations: Requires s3:GetObject and s3:ListBucket permissions
• Write Operations: Requires s3:PutObject permission
• Delete Operations: Requires s3:DeleteObject permission
• Complete Access: Requires all permissions: s3:GetObject, s3:ListBucket, s3:PutObject, and s3:DeleteObject

Access Policies (Vendia Level)

Access policies provide fine-grained control within IAM boundaries using glob patterns to specify:

• Actions: What AI agents can do (FILE_READ, FILE_WRITE, FILE_CREATE, FILE_DELETE)
• Resources: Which files and folders these actions apply to (using glob patterns like docs/**, *.txt, reports/**/*.pdf)

Two-Layer Security

For an operation to succeed, both IAM permissions and access policies must allow it. IAM permissions set the maximum possible access, while access policies further restrict what AI agents can actually do.

See Access Policies for detailed configuration guidance.

Supported File Types

Storage Connections supports a wide range of file types, enabling diverse AI workflows:

File Type	Extensions	Read Support	Write Support
Text Files	.txt, .md, .json, .csv, .xml, .yaml, .yml	✓	✓
Image Files	.jpg, .jpeg, .png, .gif, .bmp, .webp	✓	✓
PDF Files	.pdf	✓	✓
Spreadsheets	.xlsx, .xls	✓	✓
Documents	.docx	✓	✓
Presentations	.pptx	✓	✓

Whether you’re enabling AI to read product specifications, analyze spreadsheets, process images, or generate reports, Storage Connections provides the file access you need.

File Size Considerations for Writing

Non-text (non-UTF) files may be limited to small sizes when uploaded via chat-based agents, due to character constraints inherent to these tools. For larger files, use direct upload methods outside of chat-based workflows.