Cloud Storage for reports

When you set up delivery or storage for a particular report, you can select a Cloud Storage target previously added to the Cloud Storage list.

About the Cloud Storage list

This list supports the enhanced lists interface. Learn more about using enhanced lists.

The Sage Intacct Cloud Storage list defines the Cloud Storage targets (1 or more) that you can use to deliver reports.

In addition to defining Cloud Storage targets, the Cloud Storage list serves as the central place to go for status and troubleshooting. If a report was not successfully delivered, you can easily correct the problem and redeliver the reports from a single page.

You can also define the Cloud Storage destinations that the Data Delivery Service (DDS) uses when sending exported object files.

The Cloud Storage list provides the following information For each Cloud Storage target:

  • Name of each Cloud Storage target.
  • Storage type.
  • Status of the last delivery, including delivery errors, if any.

Working with the Cloud Storage list

You can perform the following tasks from the list:

  • Edit a particular target.
  • Correct any errors.
  • Redeliver any undelivered reports that are waiting in the queue.

Supported Cloud Storage targets and data

You have the option to deliver Sage Intacct data to the following supported Cloud Storage targets:

Cloud Storage targets
Supported Cloud Storage targets
Amazon S3

Azure

When using Azure Blob Storage, only container-level uploads are supported. Delivery to subfolders/directories is not currently supported unless you upgrade to Azure Data Lake Storage Gen2 (ADLS Gen2) with hierarchical namespace enabled.
Box
Dropbox
Google Drive
HTTP
OneDrive/Office365

You can store the following on Cloud Storage targets:

  • Reports that you schedule.
  • Standard and custom reports that must be processed and stored.
  • Files sent by DDS.

 

How to access Cloud Storage

To access the Cloud Storage list, go to Reports > Setup > More > Cloud storage. From the Cloud storage list, you add a new Cloud storage target, or edit or review the status of existing targets.

Subscription

Company

Regional availability

All regions

User type
All user types, except for CRM users
Permissions

Cloud Storage

Cloud Storage privacy

In most cases, files uploaded to a Cloud Storage target inherit public or private settings of the target that were specified in the third-party target configuration.

For example, you might have a public folder called Monthly reports in a Box account. If you make that folder public and share it, anyone you share it with can view its contents. However, if that folder was instead set to private, only the target owner is able to access to the files.

The Private checkbox in Intacct only controls who can see and use the Cloud Storage target within Intacct. It does not affect the privacy of the files stored in the cloud. File privacy is managed by the settings in your cloud storage provider (such as Box, Dropbox, or Google Drive).

However, for Amazon S3 storage, Intacct provides additional options to restrict file access (see below).

Amazon S3 exception

For Amazon S3 targets, Intacct allows you to choose who can access files delivered to your S3 bucket:

  • Bucket owner only: Only the owner of the S3 bucket and the associated AWS account can access the files.

  • Authenticated users: Any AWS user with the file’s S3 URL can access the file.

These settings work in addition to your S3 bucket’s own permissions and policies. Make sure your S3 bucket policy does not conflict with your Intacct settings.

How to set up a supported Cloud Storage target

Setting up a Cloud Storage target comprises the 3 tasks outlined in this section. Be sure to review the optional tasks for Azure accounts, developers, and administrators that follow.

1. Set up an account at a cloud storage site

You can set up an account with your cloud storage site of choice to deliver data to these supported cloud targets.

Before you can deliver data to Amazon S3, you must create a bucket in your Amazon S3 account. After you create a bucket, edit the bucket policy to grant access privileges to Intacct, and update the permissions for the bucket.

  1. On the Amazon Web Services site, create a bucket in your S3 account.
    Enter a name for the bucket and select US East (N. Virginia) as the Region.
  2. While defining the bucket, select Edit bucket policy.
  3. Paste the following text in the bucket policy, and replace bucket_name with the name of your Amazon S3 bucket.
    { "Version": "2012-10-17", "Statement": [ { "Sid": "AddPerm", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::533618318345:user/ia-app-CloudStorage-S3" }, "Action": "s3:PutObject", "Resource": "arn:aws:s3:::bucket_name/*" } ] }
  4. Go to the Permission tab for your new bucket.
  5. Select Edit next to Block public access (bucket settings).
  6. Select only the following from the available bucket settings:
    • Block public access to buckets and objects granted through any access control lists (ACLs)
    • Block public access to buckets and objects granted through new public bucket or access point policies
  7. Select Save Changes.

Verify that you have an Azure storage account before you begin this setup process.

If you plan to store files larger than 4MB using CloudStorage for DDS, use the Azure BLOB service. Other Azure storage options might not support files over 4MB and uploads could fail or be incomplete.
  1. Log in to your Microsoft Azure storage account.
  2. In Azure services, select Storage accounts.
  3. Select the name of an existing account.
  4. In the menu search bar, enter Resource and select Resource sharing (CORS).
  5. On the Blob service tab, enter the following:
    • Allowed origins: * (the asterisk symbol)
    • Allowed methods: GET, POST, PUT
    • Allowed headers: * (the asterisk symbol)
    • Exposed headers: * (the asterisk symbol)
    • Maximum age: 200
  6. In the menu search bar, enter Networking and select Networking.
  7. On the Firewalls and virtual networks tab, select the following and Save your changes:
    • Allow access from: All networks
    • Network Routing preference: Microsoft network routing
    • Publish route-specific endpoints: Microsoft network routing
  8. In the menu search bar, enter SAS, select Shared access signature, and enter the following:
    • Allowed services: BLOB, FILE
    • Allowed resource types: Container, Object
    • Allowed permissions: Read, Write, Add, Create
    • Allowed blob index permissions: Read/Write, Filter
    • Start and expiry date/time: Enter the start and end dates that the SAS is valid, and the time zone used for this SAS.
    • Allowed protocols: HTTPS and HTTP
    • Preferred routing tier: Microsoft network routing
  9. Select Generate SAS and connection string and copy the File service SAS URL that's generated.

You can now set up your Intacct Azure storage using the URL you copied in the previous step.

Azure subfolder limitation:

This snippet is used more than once in a single topic.Standard Azure Blob Storage only supports delivery to the container root. If you need to deliver files to subfolders, consider upgrading to ADLS Gen2 with hierarchical namespace enabled. See https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-introduction for details and upgrade considerations.

2. Define 1 or more Cloud Storage targets in Intacct

You can define as many Cloud Storage targets as you need. Multiple targets can be set up for different Cloud Storage sites, or even for the same Cloud Storage site.

For example, you might define a Dropbox target for an external client, another Dropbox target for internal reports, and a third as a DDS delivery destination.

  1. Go to Reports > Setup > More and select Add (circle) beside Cloud Storage.
  2. On the Cloud Storage information page, set the Storage type to a supported Cloud Storage target.
  3. Enter the Name of the Cloud Storage target, as it will appear in the Cloud Storage list.
  4. Update the Owner of the Cloud Storage target as needed, and enter 1 or more Email addresses where error reports will be sent.
  5. Set the Cloud Storage target to Private or Public, and select the Cloud Storage target Status.
  6. For Amazon S3 only: In the Storage type details section, select where you want the report or data delivery files to be delivered.
    • Enter the Bucket that you created for your company in your Amazon S3 account.
    • Optional For the Path, enter the location, relative to the top level of the Cloud Storage target, where you want reports to be delivered. If you do not enter a path, all reports are delivered to the topmost level of the target.
      To send the data to a particular folder instead, enter the directory path to the folder. For example, to save the reports in a Quarterly_reports folder, enter Quarterly_reports.
      If the folder in the Path does not already exist, it's created the first time a scheduled report is delivered. You can override the Path selected here when you specify options to deliver a report.
    • Encrypt the Amazon S3 data by enabling the Encrypt option. This option encrypts the files sent from Sage Intacct to Amazon S3. Currently, Server Side Encryption AES 256 is supported. This feature is off by default.
    • Set Restrict file access to 1 of the following:
      • Bucket owner only restricts file access to the Amazon S3 bucket owner and the account owner.
      • Authenticated users allow any Amazon Web Services user access to the file with the Amazon S3 file URL.
  7. For Azure storage only: In the Storage type details section, enter the File service SAS URL you generated.
  8. When you're done, Save your changes.
Cloud Storage options
Field Description
Storage type Select 1 of the supported cloud targets.
Name The Name of the Cloud Storage target, as it will appear in the Cloud Storage list. This name is also the name that you (and others) will see when setting up cloud delivery for a particular report.
Owner

Select the owner of the Cloud Storage target.

If you're not an administrator, you're automatically the owner. If you are an administrator, you have the option to make another user the owner.

If the Cloud Storage target is marked as Private, only the Owner (and any administrators) can edit its information.

Email address The email address where any error reports for the Cloud Storage target are sent. You can enter more than 1 email address. Intacct recommends providing at least 1 email address in this field.
Private checkbox

Private targets can be viewed and used only by the Owner of the target (and any administrators). Other users will not see private targets in the Cloud Storage list and cannot use them for report delivery.

If you want other users to be able to select this target, make the target public by deselecting the Private option.
Status

Active status means that the Cloud Storage target can be seen in the Cloud Storage list. Other people can also use the target as a place to send Intacct data.

An Inactive status removes the Cloud Storage target from the Cloud Storage list and makes it unavailable for use.
Storage type details

Depending on which storage type you select, enter more information about your storage type to complete the connection between Intacct and the Cloud Storage target. Addition information can include:

  • Address or URL
  • HTTP username and password
  • Path
  • Bucket

3. Log in to the account (for OneDrive/Office365, Dropbox, Box, and Google Drive only)

The first time you set up a Cloud Storage target, log in to establish a connection to the Cloud Storage account from your company.

You might need to log in to the account later if the original login information expires or becomes invalid. Cloud storage providers may require you to re-authenticate after a set period of time (for example, every 10 days). The exact duration depends on the provider.

If your Cloud Storage target shows as Logged out in Intacct, follow the login steps to reconnect.

  1. Go to Reports > Setup > More > Cloud storage
  2. Find the target where you need to log in.
  3. Select Edit at the end of the row.
  4. On the Cloud Storage information page, select Log in.
    You’re redirected to the Cloud Storage site, where you can enter your user name and password.
  5. Enter your user name and password, as required by the site.
  6. If necessary, grant permission for Intacct to access the Cloud Storage account.
  1. Go to Reports > Setup > More > Cloud storage and select Edit or View next to the target where you need to log in.
  2. On the Cloud Storage information page, select Log in.
    You’re redirected to the Cloud Storage site, where you can enter your user name and password.
  3. Enter your user name and password, as required by the site.
  4. If necessary, grant permission for Intacct to access the Cloud Storage account.

Verify Azure Storage

After you set up an Azure storage target, verify that the target is receiving your data.

In Sage Intacct

  1. Log in to your Intacct company.
  2. Run a report or generate a DDS file.
When sending DDS files, there could be a delay between when the file is generated and when the file can be viewed in Azure.

In Azure

If you plan to store files larger than 4MB using CloudStorage for DDS, use the Azure BLOB service. Other Azure storage options might not support files over 4MB and uploads could fail or be incomplete.
  1. Log in to your Microsoft Azure storage account.
  2. In Azure services, select Storage accounts.
  3. Select the name of the storage account used to store Intacct data.
  4. In the menu search bar, enter Storage and select Storage Explorer (preview).
  5. Open File Shares and verify Intacct information has been received. The file names are similar to the name of your Intacct company.

Custom destination folders in Azure

To use a custom folder in Azure for your Intacct data, include the folder name in the File service SAS URL when setting up the connection.

For example: my-custom-folder

https://intacct.blob.core.windows.net/my-custom-folder?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwlacu&se=
https://intacct.file.core.windows.net/my-custom-folder?sv=2020-02-10&ss=bfqt&srt=sco&sp=rwlacu&se=
This snippet is used more than once in a single topic.Standard Azure Blob Storage only supports delivery to the container root. If you need to deliver files to subfolders, consider upgrading to ADLS Gen2 with hierarchical namespace enabled. See https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-introduction for details and upgrade considerations.

If you do not specify a folder, Intacct automatically creates one using your company’s name, following Azure’s naming conventions.

For example: My 123_Company becomes my-123-company:

https://intacctdev1-microsoftrouting.blob.core.windows.net/?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwacutfx&se=2025-07-31T18:11:52Z&st=2021-07-11T10:11:52Z&se=
https://intacctdev1-microsoftrouting.blob.core.windows.net/?sv=2020-08-04&ss=bfqt&srt=sco&sp=rwacutfx&se=2025-07-31T18:11:52Z&st=2021-07-11T10:11:52Z&se=
For more information about the naming conventions used by Azure, see: https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-shares--directories--files--and-metadata

Set up an HTTP post (for developers)

If you’re a Sage Intacct solutions developer, you can have reports delivered to another application using HTTP. When you select HTTP as the Storage type, the Address or URL that you specify receives reports in the form of a Post call.

Using the HTTP option of Cloud Storage, DDS files and offline reports are sent using HTTP Post requests. Certain applications such as Microsoft Azure require an additional parameter: the companyID. You include the company title parameter as an HTTP request body field. In this case, you'll get the company ID along with the DDS or report file.

The following is an example of a Post call in curl format:

curl www.youraddress.com \ -F FILE=ReportNamecontents\
-u username:password

In this case:

  • www.youraddress.com is the Address or URL that you supply.
  • -F FILE= sends the name and contents of the report
  • The username and password are optional (-u username:password) and are included only if you supply an HTTP Username and HTTP Password.

Setting up an HTTP target

  1. Go to Reports > Setup > More > Cloud storage and select Create.
  2. On the Cloud Storage information page, select HTTP as the Storage type.
  3. Fill in the Name, Owner, and other fields as directed in Set up a supported Cloud Storage target.
  4. In the Storage type details section, enter the HTTP address where the post call is to be sent. If required, also add a user name and password for authentication.
    • For Address or URL, enter the complete address starting with http or https.
    • If the URL requires authentication, enter the HTTP Username and HTTP Password.
  5. When you're done, Save your changes.
  1. Go to Reports > Setup > More > Cloud storage and select Add.
  2. On the Cloud Storage information page, select HTTP as the Storage type.
  3. Fill in the Name, Owner, and other fields as directed in Set up a supported Cloud Storage target.
  4. In the Storage type details section, enter the HTTP address where the post call is to be sent. If required, also add a user name and password for authentication.
    • For Address or URL, enter the complete address starting with http or https.
    • If the URL requires authentication, enter the HTTP Username and HTTP Password.
  5. When you're done, Save your changes.

Administrative tasks

The Cloud Storage list provides an at-a-glance view of the status of each Cloud Storage target. For each Cloud Storage target, you'll see whether the target is logged in and whether the last delivery was successful.

We recommend that you review that status of the Cloud Storage list regularly. Some issues to check for include:

  • Is each Cloud Storage target logged in? If the Status for any target is "Logged out," you need to log in again to re-establish a connection.
  • Was the most recent scheduled delivery successful? If not, you can correct the problem and redeliver any reports or data files.

Log in again

For targets that include OneDrive/Office365, Dropbox, Box, or Google Drive, the Status column on the Cloud Storage list indicates if the target is "Logged in" or "Logged out". If the Status is listed as "Logged out," you need to log in again. Being logged out can happen if the username or password for a Cloud Storage target isn't valid or has expired.

  1. Go to ReportsSetup > More > Cloud storage.
  2. Find the target where you want to log in.

  3. Select Edit at the end of the row.

  4. Select Log in.
  5. For more information, see Step 3. Log in to the account.
  1. Go to ReportsSetup > More > Cloud storage.
  2. Select Edit or View next to the target and select Log in.

    3. For more information, see Step 3. Log in to the account.

Check for undelivered reports

The Last scheduled delivery column indicates whether the last delivery was successful. If the delivery was unsuccessful, you'll see "Delivery error."

Redelivering reports after a delivery error

  1. Go to ReportsSetup > More > Cloud storage.
  2. Find the report that you want to redeliver.

  3. Select Edit at the end of the row.

  4. Review the delivery error and correct any issues.

    In addition to the error message, you'll see the total number of reports that are waiting to be delivered.

  5. Select Retry.
  1. Go to Reports > Setup > More > Cloud storage and select Edit or View next to the target.
  2. Review the delivery error and correct any issues.

    In addition to the error message, you'll see the total number of reports that are waiting to be delivered.

  3. Select Retry.

Error messages

Following are the list of errors that you might receive if a scheduled report is unable to be delivered.

After correcting the error, you'll need to redeliver any failed reports.
Cloud Storage delivery error messages
Error message Resolution

You’re either logged out of your storage target, or your login credentials are not recognized. Check your credentials, then log in again.
Edit the Cloud Storage target and select Log in.

This upload failed to complete because your target storage is maxed out. Increase your storage, then try again.

Increase your available space on the Cloud Storage target, or remove unneeded files to create more space.

This upload failed to complete due to connection issues. Wait a few moments, then try again.

We were unable to connect to the Cloud Storage target. Wait until later, and then redeliver the reports.

This upload failed to complete because the URL address is not valid. Check the address, then try again.

Applies only to the HTTP storage type. Edit the Cloud Storage target and enter the correct URL in the Address or URL field.

This upload failed to complete because the path isn't valid. Check the path, then try again.

The Path for storing scheduled reports does not exist on the Cloud Storage site. The corresponding folder might have been deleted or renamed.

This upload failed to complete due to an unknown error. Check that your configuration is right (log in credentials, URL or path, and connection status), then try again.

Verify all information on the Cloud Storage information page and then retry the delivery of scheduled reports.

The Cloud Storage service chosen to deliver this report is inactive. If you’re the owner or admin of the service, reactivate it and try again.

The Cloud Storage account for the target is not currently active. Verify that the service is active and then retry the delivery of scheduled reports.