diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/dataConnectors.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/dataConnectors.json
index 79e0c7e084e4..f44ddcb6ca1d 100644
--- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/dataConnectors.json
+++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/dataConnectors.json
@@ -106,6 +106,9 @@
           "Get an AwsCloudTrail data connector": {
             "$ref": "./examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json"
           },
+          "Get an Aws S3 data connector": {
+            "$ref": "./examples/dataConnectors/GetAmazonWebServicesS3ById.json"
+          },
           "Get an AATP data connector": {
             "$ref": "./examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json"
           },
@@ -457,6 +460,16 @@
       "type": "object",
       "x-ms-discriminator-value": "AmazonWebServicesCloudTrail"
     },
+    "AwsS3CheckRequirements": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/DataConnectorsCheckRequirements"
+        }
+      ],
+      "description": "Amazon Web Services S3 requirements check request.",
+      "type": "object",
+      "x-ms-discriminator-value": "AmazonWebServicesS3"
+    },
     "DataConnectorsCheckRequirements": {
       "description": "Data connector requirements properties.",
       "properties": {
@@ -1028,6 +1041,73 @@
         "dataTypes"
       ]
     },
+    "AwsS3DataConnector": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/DataConnector"
+        }
+      ],
+      "description": "Represents Amazon Web Services S3 data connector.",
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/AwsS3DataConnectorProperties",
+          "description": "Amazon Web Services S3 data connector properties.",
+          "x-ms-client-flatten": true
+        }
+      },
+      "type": "object",
+      "x-ms-discriminator-value": "AmazonWebServicesS3"
+    },
+    "AwsS3DataConnectorDataTypes": {
+      "description": "The available data types for Amazon Web Services S3 data connector.",
+      "properties": {
+        "logs": {
+          "allOf": [
+            {
+              "$ref": "#/definitions/DataConnectorDataTypeCommon"
+            }
+          ],
+          "description": "Logs data type.",
+          "type": "object"
+        }
+      },
+      "type": "object",
+      "required": [
+        "logs"
+      ]
+    },
+    "AwsS3DataConnectorProperties": {
+      "description": "Amazon Web Services S3 data connector properties.",
+      "properties": {
+        "destinationTable": {
+          "description": "The logs destination table name in LogAnalytics.",
+          "type": "string"
+        },
+        "sqsUrls": {
+          "description": "The AWS sqs urls for the connector.",
+          "type": "array",
+          "items": {
+            "description": "AWS sqs url.",
+            "type": "string"
+          }
+        },
+        "roleArn": {
+          "description": "The Aws Role Arn that is used to access the Aws account.",
+          "type": "string"
+        },
+        "dataTypes": {
+          "$ref": "#/definitions/AwsS3DataConnectorDataTypes",
+          "description": "The available data types for the connector."
+        }
+      },
+      "type": "object",
+      "required": [
+        "destinationTable",
+        "sqsUrls",
+        "roleArn",
+        "dataTypes"
+      ]
+    },
     "DataConnector": {
       "description": "Data connector",
       "allOf": [
@@ -1089,6 +1169,7 @@
         "Office365",
         "OfficeATP",
         "AmazonWebServicesCloudTrail",
+        "AmazonWebServicesS3",
         "AzureAdvancedThreatProtection",
         "MicrosoftDefenderAdvancedThreatProtection",
         "Dynamics365",
@@ -1125,6 +1206,9 @@
           {
             "value": "AmazonWebServicesCloudTrail"
           },
+          {
+            "value": "AmazonWebServicesS3"
+          },
           {
             "value": "AzureAdvancedThreatProtection"
           },
diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json
new file mode 100644
index 000000000000..de8b9f56657c
--- /dev/null
+++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json
@@ -0,0 +1,33 @@
+{
+  "parameters": {
+    "api-version": "2021-09-01-preview",
+    "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights",
+    "dataConnectorId": "afef3743-0c88-469c-84ff-ca2e87dc1e48"
+  },
+  "responses": {
+    "200": {
+      "body": {
+        "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48",
+        "name": "afef3743-0c88-469c-84ff-ca2e87dc1e48",
+        "type": "Microsoft.SecurityInsights/dataConnectors",
+        "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
+        "kind": "AmazonWebServicesS3",
+        "properties": {
+          "destinationTable": "AWSVPCFlow",
+          "roleArn": "arn:aws:iam::072643944673:role/RoleName",
+          "sqsUrls": [
+            "https://sqs.us-west-1.amazonaws.com/111111111111/sqsTestName"
+          ],
+          "dataTypes": {
+            "logs": {
+              "state": "Enabled"
+            }
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetDataConnectors.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetDataConnectors.json
index f1ed81c27045..e04a20921b94 100644
--- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetDataConnectors.json
+++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/examples/dataConnectors/GetDataConnectors.json
@@ -146,6 +146,25 @@
               }
             }
           },
+          {
+            "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48",
+            "name": "afef3743-0c88-469c-84ff-ca2e87dc1e48",
+            "type": "Microsoft.SecurityInsights/dataConnectors",
+            "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"",
+            "kind": "AmazonWebServicesS3",
+            "properties": {
+              "destinationTable": "AWSVPCFlow",
+              "roleArn": "arn:aws:iam::072643944673:role/RoleName",
+              "sqsUrls": [
+                "https://sqs.us-west-1.amazonaws.com/111111111111/sqsTestName"
+              ],
+              "dataTypes": {
+                "logs": {
+                  "state": "Enabled"
+                }
+              }
+            }
+          },
           {
             "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b",
             "name": "06b3ccb8-1384-4bcc-aec7-852f6d57161b",