Every artifact in S3. With your KMS alias on top.
Robnu's primary object storage is AWS S3 with SSE-KMS. When AWS_S3_PER_SELLER_KMS=true, each seller gets its own KMS alias, alias/robnu/seller-{sellerId}, so a leaked bucket stays ciphertext to anyone without access to your alias.
- Primary bucket is configured via AWS_S3_BUCKET (default robnu-prod-files).
- Bucket layout: documents/{sellerId}/{marketplaceAccountId}/orders/{orderId}/{type}/...
- Raw API payloads land at raw-payloads/{sellerId}/{marketplaceCode}/{date}/{hour}.jsonl.gz — queryable via AWS Glue + Athena.
What you get.
Per-seller KMS aliases
When per-seller KMS is enabled, each seller's S3 objects are encrypted under their own alias. Cross-seller decryption requires an explicit alias grant, which Robnu does not configure.
StorageObject metadata in Postgres
Every S3 binary has a StorageObject row carrying bucket, storage_key, mime, byte_size, sha256, kms_key_alias, version_id, seller_id. The metadata is queryable, joinable, and RLS-scoped.
Athena over raw payloads
Raw marketplace API responses are dumped to a partitioned prefix (raw-payloads/{sellerId}/{marketplaceCode}/{date}/{hour}.jsonl.gz). Glue crawls; Athena queries. Ad-hoc analytics without a separate warehouse.
S3 layout in your tenant.
- documents/{sellerId}/{marketplaceAccountId}/orders/{orderId}/{type}/... — packing slips, invoices, manifests.
- documents/{sellerId}/{marketplaceAccountId}/shipments/{shipmentId}/... — shipment-level artifacts.
- raw-payloads/{sellerId}/{marketplaceCode}/{date}/{hour}.jsonl.gz — raw API payloads.
- exports/{sellerId}/{date}/{exportId}.csv — finance and reconciliation CSV exports.
- ai-extractions/{sellerId}/{extractionId}/source.pdf — preserved source for audit.
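The key layout and the StorageObject fields above make tenant isolation checkable from metadata alone. The following is an added example, not Robnu's code: an offline consistency audit for deployments with AWS_S3_PER_SELLER_KMS=true. It assumes rows arrive as dicts, that sha256 is stored as lowercase hex, and the function names and sample rows are hypothetical.

```python
import re

# Top-level prefixes from the page's layout; the segment after the prefix is {sellerId}.
TENANT_PREFIXES = {"documents", "raw-payloads", "exports", "ai-extractions"}
SHA256_HEX = re.compile(r"[0-9a-f]{64}")  # assumption: digest stored as lowercase hex

def seller_from_key(storage_key):
    """Return the {sellerId} segment of a storage key, or None for an unknown layout."""
    parts = storage_key.split("/")
    if len(parts) < 3 or parts[0] not in TENANT_PREFIXES or not parts[1]:
        return None
    return parts[1]

def audit_row(row):
    """Return findings for one StorageObject row; an empty list means it is consistent."""
    findings = []
    seller = str(row["seller_id"])
    key_seller = seller_from_key(row["storage_key"])
    if key_seller is None:
        findings.append("unknown key layout")
    elif key_seller != seller:
        findings.append("key seller segment != seller_id")
    if row["kms_key_alias"] != f"alias/robnu/seller-{seller}":
        findings.append("kms_key_alias is not the seller's own alias")
    if not SHA256_HEX.fullmatch(row["sha256"]):
        findings.append("malformed sha256")
    return findings

def audit(rows):
    """Map storage_key -> findings for every row that has at least one finding."""
    return {r["storage_key"]: f for r in rows if (f := audit_row(r))}

# Constructed sample rows (seller ids, keys and digests are made up for illustration).
DIGEST = "ab" * 32
SAMPLE_ROWS = [
    {"seller_id": "1001", "storage_key": "documents/1001/acct-7/orders/o-1/invoice/a.pdf",
     "kms_key_alias": "alias/robnu/seller-1001", "sha256": DIGEST},
    {"seller_id": "1001", "storage_key": "exports/1001/2024-05-01/exp-9.csv",
     "kms_key_alias": "alias/robnu/seller-2002", "sha256": DIGEST},
    {"seller_id": "2002", "storage_key": "raw-payloads/1001/mkt-x/2024-05-01/13.jsonl.gz",
     "kms_key_alias": "alias/robnu/seller-2002", "sha256": DIGEST},
]

if __name__ == "__main__":
    for key, findings in audit(SAMPLE_ROWS).items():
        print(key, "->", "; ".join(findings))
```

A row flagged here is a candidate cross-tenant write or mis-keyed object; confirming it means comparing against the object's actual encryption key in S3, which this offline check does not do.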
Practical answers.
R2 was the v0.3 storage choice. Post-foundational-redesign, AWS S3 is primary because of native SSE-KMS, per-seller KMS aliases, and Glue + Athena integration. R2 is retained as a legacy artifact bucket for v0.3-era references during the migration window.
Yes. CSV export from the dashboard includes presigned URLs to source PDFs in S3. The presigned URL grants read access for a limited window (default 24h).
S3 lifecycle rules retain documents for the full audit window (currently uncapped). Raw payloads are partitioned and lifecycle-managed; defaults are 90 days hot, then Glacier.
Try it inside your own dashboard.
Free during early access. No card. Forever free under 25 orders/day.
