⌘K
v2026.1 Open Portal ↗
On this page

AppFlow

AppFlow Overview

AWS AppFlow provides fully managed bi-directional data integration between StackFlow and SaaS applications. StackFlow uses AppFlow for large-scale data synchronization tasks: syncing CRM data from Salesforce for customer context in incidents, importing HR data from Workday for user management, and syncing asset data from ServiceNow during migrations.

⚙️ Minimum Requirements
  • AWS AppFlow: Service enabled in account 373544523367 in us-east-1
  • IAM: StackFlowAppFlowRole with appflow:CreateFlow, appflow:StartFlow, s3:PutObject on the AppFlow destination bucket
  • S3: stackflow-appflow-data-373544523367 bucket as AppFlow destination with SSE-KMS encryption
  • Lambda: StackFlowAppFlowTrigger processing AppFlow completion events from EventBridge

Supported Connectors

ConnectorDirectionUse Case
SalesforceInboundSync customer records to CMDB
WorkdayInboundSync employee data for user management
ServiceNowBothMigration / coexistence sync
SAPInboundCost center and asset sync
ZendeskInboundMigrate historical tickets

Creating a Flow

aws appflow create-flow   --flow-name stackflow-salesforce-accounts-sync   --source-flow-config '{
    "connectorType": "Salesforce",
    "connectorProfileName": "stackflow-salesforce",
    "sourceConnectorProperties": {
      "Salesforce": {"object": "Account", "enableDynamicFieldUpdate": true}
    }
  }'   --destination-flow-config-list '[{
    "connectorType": "S3",
    "destinationConnectorProperties": {
      "S3": {"bucketName": "stackflow-appflow-data", "bucketPrefix": "salesforce/accounts/"}
    }
  }]'   --tasks '[{"taskType": "Filter", ...}]'   --trigger-config '{"triggerType": "Scheduled", "triggerProperties": {"Scheduled": {"scheduleExpression": "rate(1 hour)"}}}'   --region us-east-1

Data Transformation

AppFlow supports field-level transformations including masking (for PII), math operations, string concatenation, and conditional mapping. For complex transformations not supported natively, the AppFlow S3 destination can trigger a Lambda function via S3 events to perform custom transformations before loading data into StackFlow via the REST API.

PII Handling: AppFlow's masking transformation should be used for any PII fields (SSNs, date of birth, etc.) in HR or CRM data flows. The masked data is then stored in StackFlow's CMK-encrypted Aurora database with the additional protection of field-level encryption via the StackFlowFieldKeyRotator Lambda.

Error Handling

AppFlow can be configured to write failed records to an S3 error bucket for manual review and reprocessing. Set up a CloudWatch Alarm on the RecordsProcessedFailed metric for each flow to alert on integration failures. The StackFlow admin console shows AppFlow flow status in Integrations → AppFlow → Flow Status.

← Previous
Azure AD / Microsoft
Microsoft 365 and Entra ID
GitHub Sync
Code and config sync with GitHub