Amazon S3

Archive Policy Gateway events in an Amazon S3 bucket. One JSON object per event — good for long-term retention and downstream Athena / Snowflake / BigQuery analysis.

Configure

Field	Value
Type	Amazon S3
Bucket	e.g. `my-policy-logs`
Region	e.g. `us-east-1`
Access Key ID	AWS access key
Secret Access Key	AWS secret
Prefix	Default `policy-gateway/`
Server-Side Encryption	Optional — `AES256` or `aws:kms`
KMS Key ID	Only when SSE is `aws:kms`

Object layout

s3://<bucket>/policy-gateway/
  date=2026-04-20/
    <event_id>.json

One event per JSON object, partitioned by date.

Query with Athena

CREATE EXTERNAL TABLE ai_audit (
  event_id string,
  event_type string,
  policy_id string,
  decision string,
  effective_decision string,
  enforced boolean,
  rollout_mode string,
  reason_code string,
  policy_target string,
  project_id string,
  model string,
  triggered_categories array<string>,
  denylist_hits array<string>,
  allowlist_hits array<string>
)
PARTITIONED BY (date string)
ROW FORMAT SERDE 'org.openx.data.jsonserde.JsonSerDe'
LOCATION 's3://<bucket>/policy-gateway/';

See the full field list in connectors.

Get started

Capabilities

Integrations

Policy Gateway

Reference

Configure

Object layout

Query with Athena

Get started

Capabilities

Integrations

Policy Gateway

Reference

​Configure

​Object layout

​Query with Athena

Configure

Object layout

Query with Athena