AWS SSO Setup
This page is in alpha status. The content may change without notice.
This guide walks you through the one-time AWS SSO configuration, session sign-in, and access verification needed before you can browse or download Parquet files.
Prerequisites
- AWS CLI v2 installed (install guide)
- Access to the Haltian Parquet S3 bucket via AWS SSO (Microsoft Entra ID)
Values provided by Haltian:
| Value | Description |
|---|---|
| <BUCKET_NAME> | The name of the S3 bucket |
| {organizationId} | Your organisation UUID |
1. Configure AWS SSO (one-time setup)
aws configure sso
When prompted, enter:
| Prompt | Value |
|---|---|
| SSO session name | haltian-sso |
| SSO start URL | https://haltian.awsapps.com/start# |
| SSO region | eu-north-1 |
A browser window will open — sign in with your company (Microsoft Entra ID) account and select your account and role (e.g. ParquetReader-xxxx).
When prompted for a profile name, enter something memorable, e.g.:
parquet-access-orgname
The profile name will be used in all subsequent commands.
2. Sign in (before each session)
SSO tokens expire, so you must sign in at the start of each session:
aws sso login --profile parquet-access-orgname
A browser will open for authentication. Once complete, the CLI is ready.
3. Verify access
Confirm you can see the bucket contents:
aws s3 ls s3://<BUCKET_NAME>/parquet/{organizationId}/ \
--profile parquet-access-orgname \
--region eu-west-1
You should see the top-level data folders, e.g.:
PRE devices/
PRE measurementOccupancyStatus/
PRE spaces/
Using the AWS_PROFILE environment variable
Instead of passing --profile on every command, you can export it:
export AWS_PROFILE=parquet-access-orgname
Then all commands simplify — no --profile flag needed:
aws s3 ls s3://<BUCKET_NAME>/parquet/ \
--region eu-west-1
You can also add this to your .env file for use with Python scripts.
Troubleshooting
| Issue | Solution |
|---|---|
| ExpiredToken / The SSO session has expired | Run aws sso login --profile parquet-access-orgname again |
| SSOTokenLoadError / UnauthorizedSSOTokenError | SSO session expired; re-run aws sso login --profile parquet-access-orgname |
| Access Denied | Verify your role has s3:GetObject and s3:ListBucket on the bucket |
| NoSuchBucket | Double-check the bucket name provided by Haltian |
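The sign-in and verification steps above can be combined into one preflight that also confirms which role the session is using before any script touches the bucket. This is an added example, not Haltian's code: the function names, the EXPECTED_ROLE fragment and the exit-code numbering are assumptions of the example, and `aws sts get-caller-identity` is used to read the active identity.

```shell
# Added example, not Haltian's code: preflight for steps 2 and 3 of this guide.
EXPECTED_ROLE="${EXPECTED_ROLE:-ParquetReader}"  # assumption: fragment of the role chosen in step 1
BUCKET_REGION="eu-west-1"                        # region the guide passes to aws s3 ls

# Return 0 if the profile has usable credentials, signing in once if it does not.
ensure_sso_session() {  # $1 = profile
    aws sts get-caller-identity --profile "$1" >/dev/null 2>&1 && return 0
    echo "No valid SSO session for '$1'; running aws sso login" >&2
    aws sso login --profile "$1" >&2 || return 1
    aws sts get-caller-identity --profile "$1" >/dev/null 2>&1
}

# Return 0 only if the signed-in identity is the expected role, so a broader
# role picked by mistake during "aws configure sso" is caught early.
check_role() {  # $1 = profile
    arn=$(aws sts get-caller-identity --profile "$1" --query Arn --output text) || return 1
    case "$arn" in
        *assumed-role/*"$EXPECTED_ROLE"*/*) return 0 ;;
        *) echo "Unexpected identity: $arn" >&2; return 1 ;;
    esac
}

# List the organisation prefix. Exit status follows the troubleshooting table:
# 0 ok, 2 expired session, 3 access denied, 4 wrong bucket name, 1 anything else.
verify_prefix() {  # $1 = profile, $2 = bucket, $3 = organisation id
    if out=$(aws s3 ls "s3://$2/parquet/$3/" --profile "$1" --region "$BUCKET_REGION" 2>&1); then
        printf '%s\n' "$out"; return 0
    fi
    echo "$out" >&2
    case "$out" in
        *ExpiredToken*|*"has expired"*|*SSOTokenLoadError*|*UnauthorizedSSOTokenError*) return 2 ;;
        *AccessDenied*|*"Access Denied"*) return 3 ;;
        *NoSuchBucket*) return 4 ;;
        *) return 1 ;;
    esac
}

# Run the three checks in order and stop at the first failure.
preflight() {  # $1 = profile, $2 = bucket, $3 = organisation id
    ensure_sso_session "$1" && check_role "$1" && verify_prefix "$1" "$2" "$3"
}
```

Call it as `preflight parquet-access-orgname <BUCKET_NAME> {organizationId}` with the values provided by Haltian.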
Next steps
- Download Parquet files with AWS CLI — browse and download files interactively
- IAM Role Access — set up programmatic access from your own AWS account