No. It is still possible to encrypt data coming from SFMC data extensions even if decrypted on import.
The process from import to export is:
Import:
- File is dropped with PGP encryption to FTP
- File transfer to decrypt and send to safehouse
- import activity aiming at file in safehouse
This will decrypt your data and store it unencrypted in SFMC. From there, you have 2 choices on encrypting and exporting your information.
Export manually:
- Go to the 'records' section of your desired Data Extension
- Select 'Export' option
- Check the 'encrypt file' option under 'Export Options'
This is a simple usage and is great for 'one off' needs, but is not available for automation.
Export via Data Extract Activity and File Transfer:
- Create a data extract activity aimed at your DE. (this will create an unencrypted file that lives in your safehouse)
- Create a File Transfer activity that utilizes the 'Move file from safehouse' option
- write in the file naming that you had from data extract and then select 'Encrypt file'
- Here you will be able to select PGP or GPG encrypt
This will then let you take the file, encrypt it in PGP or GPG and then place it on your FTP. Using Data Extract and File Transfer allows you to place these in an automation for scheduled or trigger based usage.
If you really want to, you can also remove the UI completely and create the Data Extract, File Transfer and automation via the API.
Yes you are correct, File Transfer activity does not trigger a file drop automation. This is because the file is not being dropped (defined as being added to the FTP from an outside source) but is instead being transferred (moved around internally on the FTP).
What I would do in your situation is either combine the two automations into a single one, or add a step to the end of your first automation that triggers your second automation.
- Combine the two automations - Basically after you run the File Transfer activity I would then add the import from your second Automation and any other activities.
- Insert a script to trigger your second automation - Using a Script Activity I would use SSJS to make a SOAP API call to start your second automation (I believe you will need to change it from File Drop to Scheduled, but don't actually need to set a schedule).
Example SOAP call to start an automation:
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<PerformRequestMsg xmlns="http://exacttarget.com/wsdl/partnerAPI">
<Action>start</Action>
<Definitions>
<Definition xsi:type="Automation">
<ObjectID>29fa9fff-774a-458d-a1f4-c50f99587664</ObjectID>
</Definition>
</Definitions>
</PerformRequestMsg>
</s:Body>
and here is a great sample of the full SSJS script from @AdamSpriggs blog:
<script runat="server">
Platform.Load("Core","1.1.1");
var automationCustomerKey = "CUSTOMERKEY-OF-AUTOMATION"
var rr = Platform.Function.CreateObject("RetrieveRequest");
Platform.Function.SetObjectProperty(rr, "ObjectType", "Automation");
Platform.Function.AddObjectArrayItem(rr, "Properties", "ProgramID");
Platform.Function.AddObjectArrayItem(rr, "Properties", "CustomerKey");
Platform.Function.AddObjectArrayItem(rr, "Properties", "Status");
var sfp = Platform.Function.CreateObject("SimpleFilterPart");
Platform.Function.SetObjectProperty(sfp, "Property", "CustomerKey");
Platform.Function.SetObjectProperty(sfp, "SimpleOperator", "equals");
Platform.Function.AddObjectArrayItem(sfp, "Value", automationCustomerKey);
Platform.Function.SetObjectProperty(rr, "Filter", sfp);
var retrieveStatus = [0,0,0];
var automationResultSet = Platform.Function.InvokeRetrieve(rr, retrieveStatus);
var ObjectID = automationResultSet[0]["ObjectID"];
var Status = automationResultSet[0]["Status"];
if (ObjectID != "null") {
/*
Code Status
-1 Error
0 BuildingError
1 Building
2 Ready
3 Running
4 Paused
5 Stopped
6 Scheduled
7 Awaiting Trigger
8 InactiveTrigger
*/
if (Status == 2) {
var obj = Platform.Function.CreateObject("Automation");
Platform.Function.SetObjectProperty(obj, "ObjectID", ObjectID);
var po = Platform.Function.CreateObject("PerformOptions");
var performResult = [0,0,0];
var performStatus = Platform.Function.InvokePerform(obj, "start", performResult, po);
} else {
// already running
}
} else {
// automation not found
}
</script>
Best Answer
I'm not sure which PGP public key you are using. You can use a public key to encrypt a PGP file, but you can't use a public key alone to decrypt a PGP file as this will require the corresponding private key (unless you are using the ExactTarget public key).
I believe it is possible to use your own PGP public/private key combination with Safehouse, but you will need to open a support case to have this configured. I've never done this though. My advice would be to encrypt the PGP file using the ExactTarget PGP public key (if you are not doing so already) which you can download here.
Here are the two steps that should appear in your Automation.
1. File Transfer Activity
%%FILENAME_FROM_TRIGGER%%
2. Import Activity
%%BASEFILENAME_FROM_TRIGGER%%.csv
(change 'csv' to match the file extension of the decrypted file)Safehouse
The Safehouse file location is not created by default. If you do not have this in Email app > Admin > Data Management > File Locations, create one named 'Safehouse' and set the Location Type to 'Safehouse'.
Note that I've configured a couple of different accounts recently where importing decrypted PGP files fail. If the automation fails on the import activity as it can't find the decrypted file in Safehouse, then you will need to open a support case to have this configured.