# Transfer S3 object from Alibaba Cloud OSS
This tutorial describes how to transfer Objects from Alibaba Cloud OSS to Amazon S3.
## Prerequisite
You have already deployed the Data Transfer Hub in Oregon (us-west-2) region. For more information, see [deployment](deploy-the-solution.md#deployment-overview).
## Step 1: Configure credentials for OSS
1. Open the [Secrets Manager console](https://console.aws.amazon.com/secretsmanager/home).
1. Choose **Secrets** in the left navigation pane.
1. Select **Store a new secret**.
1. Select **Other type of secrets**.
1. Enter the credentials of Alibaba Cloud as text in plaintext. The credentials are in the format of:
```
{
"access_key_id": "",
"secret_access_key": ""
}
```
1. Select **Next**.
1. Enter **Secret name**. For example, `dth-oss-credentials`.
1. Select **Next**.
1. Select **Disable automatic rotation**.
1. Select **Store**.
## Step 2: Create an OSS transfer task
1. From the **Create Transfer Task** page, select **Start a New Task**, and then select **Next**.
1. From the **Engine options** page, under engine, select **Amazon S3**, and then choose **Next Step**.
1. Specify the transfer task details.
+ Under Source Type, select the data source Aliyun OSS.
1. Enter bucket name and choose to sync Full Bucket or Objects with a specific prefix or Objects with different prefixes.
1. Provide destination settings for the Amazon S3 buckets.
1. From **Engine settings**, verify the values and modify them if necessary. For incremental data transfer, set the minimum capacity to at least 1.
1. At **Task Scheduling Settings**, select your task scheduling configuration.
+ If you want to configure the timed task at a fixed frequency to compare the data difference on both sides of the time, select **Fixed Rate**.
+ If you want to configure a scheduled task through [Cron Expression](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) to achieve a scheduled comparison of data differences on both sides, select **Cron Expression**.
+ If you only want to perform the data synchronization task once, select **One Time Transfer**.
+ If you need to achieve real-time incremental data synchronization, please refer to the [event config guide](#how-to-achieve-real-time-data-transfer-by-oss-event-trigger).
1. For **Advanced Options**, keep the default values.
1. At **Need Data Comparison before Transfer**, select your task configuration.
+ If you want to skip the data comparison process and transfer all files, select **No**.
+ If you only want to synchronize files with differences, select **Yes**.
1. Enter an email address in **Alarm Email**.
1. Choose **Next** and review your task parameter details.
1. Choose **Create Task**.
After the task is created successfully, it will appear on the **Tasks** page.
![\[Tasks page showing a single task in progress with details like Task ID and Source.\]](http://docs.aws.amazon.com/solutions/latest/data-transfer-hub/images/create-oss-transfer-task.png)
Select the Task ID to go to the task Details page, and then choose CloudWatch Dashboard to monitor the task status.
## How to achieve real-time data transfer by OSS event trigger
If you want to achieve real-time data transfer from Alibaba Cloud OSS to Amazon S3, follow this section to enable OSS event trigger.
After you created the task, go to [Amazon SQS console](https://us-west-2.console.aws.amazon.com/sqs/v2/home?region=us-west-2#/queues) and record the queue URL and queue ARN that will be used later.
**Prepare your AWS account's Access Key/Secret Key **
1. Sign in to the [IAM console.](https://us-east-1.console.aws.amazon.com/iamv2/home)
1. In the navigation pane, choose **Policies**, then choose **Create Policy**.
1. Select the **JSON** tab, and enter the following information.
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"sqs:SendMessage"
],
"Resource": "arn:aws:sqs:us-west-2:111122223333:DTHS3Stack-S3TransferQueue-1TSF4ESFQEFKJ"
}
]
}
```
------
**Note**
Make sure to replace your queue ARN in the JSON.
1. Complete the workflow to create the policy.
1. In the navigation pane, choose **Users**, then choose **Add users**.
1. Attach the policy you created previously to the user.
1. Save the ACCESS\$1KEY/SECRET\$1KEY which will be used later.
**Prepare the event-sender function for Alibaba Cloud **
1. Open the terminal and enter the following command. You can use docker or Linux machine.
```
mkdir tmp
cd tmp
pip3 install -t . boto3
```
1. Create an `index.py` in the same folder, and enter the code below.
```
import json
import logging
import os
import boto3
def handler(event, context):
logger = logging.getLogger()
logger.setLevel('INFO')
evt = json.loads(event)
if 'events' in evt and len(evt['events']) == 1:
evt = evt['events'][0]
logger.info('Got event {}'.format(evt['eventName']))
obj = evt['oss']['object']
# logger.info(obj)
ak = os.environ['ACCESS_KEY']
sk = os.environ['SECRET_KEY']
queue_url = os.environ['QUEUE_URL']
region_name = os.environ['REGION_NAME']
# minimum info of a message
obj_msg = {
'key': obj['key'],
'size': obj['size']
}
# start sending the msg
sqs = boto3.client('sqs', region_name=region_name,
aws_access_key_id=ak, aws_secret_access_key=sk)
try:
sqs.send_message(
QueueUrl=queue_url,
MessageBody=json.dumps(obj_msg)
)
except Exception as e:
logger.error(
'Unable to send the message to Amazon SQS, Exception:', e)
else:
logger.warning('Unknown Message '+evt)
return 'Done'
```
1. Zip the code (including boto3).
```
zip -r code.zip *
```
**Create a function in Alibaba Cloud **
1. Use your Alibaba Cloud account to log in to [Function Compute](https://fc.console.aliyun.com/fc/tasks/), and select **Task**.
1. Choose **Create Function**.
1. Choose Python3.x as the Runtime Environments.
1. In **Code Upload Method**, choose Upload ZIP.
1. Upload the `code.zip` created in the previous step to create the function.
1. Select **Create**.
**Configure the function's environment variables **
1. Choose the **Configurations**.
1. Select **Modify** in the Environment Variables.
1. Enter the config JSON in the Environment Variables. Here you need to use your own `ACCESS_KEY`, `SECRET_KEY` and `QUEUE_URL`.
```
{
"ACCESS_KEY": "XXX",
"QUEUE_URL": "https://sqs.us-west-2.amazonaws.com/xxxx/DTHS3Stack-S3TransferQueue-xxxx",
"REGION_NAME": "us-west-2",
"SECRET_KEY": "XXXXX"
}
```
1. Select **OK**.
### Create the trigger
1. Navigate to the **Create Trigger** in **Triggers** tab to create the trigger for the function.
![\[Triggers tab interface with Create Trigger button and search bar for managing function triggers.\]](http://docs.aws.amazon.com/solutions/latest/data-transfer-hub/images/create-trigger.png)
1. Choose **OSS** as the **Trigger Type**, and choose the bucket name.
1. For **Trigger Event**, choose:
```
oss:ObjectCreated:PutObject
oss:ObjectCreated:PostObject
oss:ObjectCreated:CopyObject
oss:ObjectCreated:CompleteMultipartUpload
oss:ObjectCreated:AppendObject
```
1. Select **OK**.