CloudWorks—This is how we use it, Part 2: setup

edited December 2022 in Best Practices
In Part 2 of our CloudWorks—This is how we use it series, we're diving into how to set up CloudWorks.

Need a refresher on the basics of CloudWorks? See Part 1.

Before starting anything, you need to identify and create an Integration Administrator (Learn more here: Access Control).

Ready? Let's start

Before we dive in, this article focuses on AWS S3 connection.

If you are leveraging Azure Blob, more details can be found here.

If you are leveraging Google GCP, more details can be found here.


Our use case for the purpose of this best practice is as follows: 

Screen Shot 2021-01-21 at 2.51.11 PM.png

We have source data from a file (Accounts.csv) on an Amazon S3 bucket, and we want to populate an Anaplan Module (AccountDetails) with it.




If you need help creating your AWS S3 bucket, follow this link: Set your AWS S3 bucket  

Now, to set up CloudWorks, follow these four steps:

Step 1. AWS S3 Authentication—Access Key ID and Secret Key

Follow these four steps:
  1. Log in to using your credentials.
  2. Go to My Security Credentials & Access keys (access key ID and secret access key).
  3. Click Create New Access Key.


  4. Download and secure the key file that contains Access Key Id & Secret Access Key.   

Screen Shot 2021-01-15 at 12.17.30 PM.png

Step 2. Authenticate in CloudWorks

Create a connection and authenticate with AWS S3 from CloudWorks.

Screen Shot 2021-01-15 at 12.20.13 PM.png

Learn more about creating a new connection

Step 3. Run your integrations

You can do so either manually or through a scheduler. Learn more about running an integration.

Step 4. Schedule an integration


For detailed guidelines about CloudWorks, scroll at the end of this page.


You are now officially a CloudWorks user. Congratulations!

Feel free to test your skills with our e-learning course.


And for more advanced topics, check out Part 3, Part 4 and Part 5!


Got feedback or questions on this article, let us know in the Comments thread below.


Contributing authors: Pavan Marpaka, Scott Smith, and Christophe Keomanivong.


  • karanAMP
    edited December 2022

    @annejulie great article 


    I do have a question in regards to AWS Access keys. Generating user-level access keys is always prohibited as it poses a great security risk. A lot of organizations' IT teams don't allow this. Is there a way anaplan can retrieve  temporary access keys?

  • pmarpaka
    edited December 2022

    Anaplan or CloudWorks doesn't have the ability to retrieve temporary access keys.  Perhaps, you can use AWS API to do this.  Once you do this, you can use CloudWorks API end point "patch a connection" to update AWS S3 credentials via a script (ex: python).  CloudWorks API will help automate updating connection details.  Here's the link to CloudWorks API and end point to "patch a connection".  Hope this helps!!!

  • karanAMP
    edited December 2022

    @pmarpaka that's pretty cool. Now I just have to convince IT to make it happen which is not so cool. 


    Thanks for the insights 

  • pmarpaka
    edited December 2022

    Take a look at Part 3 of this series for sample code on CloudWorks API.  It might help you make your case to your IT team.

  • karanAMP
    edited December 2022

    @pmarpaka I meant the AWS temp key API call to update the access key on routine. That part will take some convincing to do. patch a connection part is the easy bit . cheers 

  • Retroflame
    edited December 2022

    Hi @annejulie & @pmarpaka 


    Is there any level of encryption that takes place when Cloudworks fetches the file and uploads into a list/module. I understand that it doesnt support integration if the source file itself is encrypted. I just wanted to understand whether Cloudworks does some kind of encryption to the file during load for secure data transfer.