Amazon AppFlow Cheat Sheet

• An integration service that automates data flows by securely integrating third-party applications and AWS services without writing any code.

Features

• Run flows on-demand or on a schedule to keep data in sync across SaaS applications and AWS services.

• Aggregate data from multiple sources to train analytics tools more effectively and save money.

• Use flow management tools to track where and when data has moved.



• Data is encrypted at rest and in transit.

• Integrates with AWS PrivateLink to allow private data transfer over AWS rather than public data transfer over the internet.

• Use custom connectors to transfer data between private APIs, on-premise systems, and cloud services.

• Publish events related to the status of a flow using Amazon Event Bridge.

• Glue Data Catalog integration for analytics.

• S3 partitioning for faster queries and aggregation.

• Flows can handle up to 100 GB per run.

• Custom Connector SDK (Java/Python) for private APIs/on-prem.

• IAM access control for who can create/run flows.

• CloudTrail logs API calls for auditing.

• Over 50 SaaS connectors supported (new ones like Facebook Ads, Zendesk, Stripe).

• EventBridge triggers for flow events (including Salesforce CDC).

• Use customer-managed KMS keys for encryption.

• Highly available architecture (no single point of failure)

Concepts

• Connections

  • Provide access to the source and destination to enable data flow.

  • Stores configuration details and credentials to transfer data with applications.

    • Usernames

    • Passwords

    • Secret keys

    • API access tokens

  • In AWS CLI and AppFlow API, connections are called connector profiles.

  • IAM integration: restrict who can create or run flows.

  • PrivateLink support: securely connect to sources/destinations without using the public internet.

  • Customer-managed KMS keys can be used to encrypt access tokens and data.

• Flows enable data transfer between the source and destination.

• Data mapping 

  • Specifies how data from the source is transferred to the destination.

  • Fields in each source object are mapped to fields in the destination.

  • Multiple fields in a source object are concatenated to a single field in the destination.

  • Mask sensitive field values so that only an asterisk appears in the destination field.

  • Allows you to truncate fields to a specific length.

  • Partitioning output in S3 for better query performance.

  • Aggregation: combine multiple records or files before transfer.

  • Flow tasks: filters, mapping, concatenation, truncation, masking of sensitive fields.

• Using filters, you can control which data records are transferred to the destination.

• Trigger determines how a flow runs.

  • Run on-demand – run this flow every time you want to transfer data.

  • Run on event – for SaaS apps with change events.

  • Run on schedule – runs the flow on a recurring schedule.

    • Full transfer – transfers a snapshot of all records at the time of the flow run.

    • Incremental transfer – only records that have been added or updated since the last successful flow run are transferred.

  • “On-event” triggers support Change Data Capture (CDC) and Platform Events (e.g., Salesforce).

  • Flow states: Active, Errored, Deprecated.

  • Flows can handle up to 100 GB per run.

Amazon AppFlow Pricing

• You are charged per flow run and the maximum number of flow runs.

• You are charged for data processing for flows whose destinations are:

  • Hosted on AWS 

  • Integrated with AWS PrivateLink

• You are charged per standard request and storage to read and write from AWS services.

• You are charged for the use of AWS KMS CMKs to encrypt access tokens and data in transit.

Amazon AppFlow Cheat Sheet Reference:

https://aws.amazon.com/appflow/