Pre-built deltek costpoint etl connector. Every CWS endpoint covered (Projects, Accounting, AP/AR, Billing, T&E, Cobra EVMS, WAWF), direct-schema fallback for indirect-rate pool calculation depth, Parquet/JSON/FBDI outputs. CMMC 2.0 Level 2 ready, DCAA-grade audit logging.
Custom Web Services clients against Costpoint always start cheap and end expensive. Pagination, throttling, mixed SOAP/REST endpoints, deep indirect-rate pool calculation depth and quarterly Deltek API changes break them one by one over a 3-year operating window.
Costpoint Web Services are not difficult to call individually — but they are difficult to call correctly at scale across the full govt-contracting data model over years of production operation. Each domain (Projects, AP, AR, Billing, T&E, Cobra EVMS) has its own pagination pattern, throttling behavior, role-permission requirement and quirks left over from the multi-decade Costpoint platform evolution from desktop client to web to Costpoint 8.x. A custom script written for Project Master breaks on T&E timesheet history. The T&E script breaks again on Cobra (CER) earned-value records. The Cobra script falls over on the first concurrent-connection throttle event in a high-volume period.
Beyond the technical complexity, the maintenance burden is the real cost. Quarterly Costpoint releases bring new endpoints, modified schemas and occasional breaking changes. Multi-year operation requires tracking Deltek's roadmap, validating against new versions in test, deploying connector updates without disrupting scheduled production extracts. Federal contractors who built custom CWS integrations in 2020 routinely discover by 2024 that the integration consumes 1–2 FTE-years per integration flow over the 3-year operating window — and the engineer who originally built it has left the firm.
Syntra ETL's deltek costpoint etl connector ships as a managed software product with quarterly releases tracking Deltek's roadmap, pre-built support for every production CWS endpoint and direct-schema fallback for audit-heavy data classes, plus an SLA. Federal contractors pay back the connector in the first 6 months versus equivalent custom development, and the ongoing maintenance burden disappears entirely.
No bespoke CWS scaffolding, no direct-schema reverse-engineering, no fragility. Configure scope, run, reconcile.
Project master, hierarchy, account groups, PLCs, budgets, EAC/ETC, allowable cost detail, CLIN/SLIN funding with NTE ceilings — full pagination handled, modified-since watermark for delta.
Direct-schema fallback for pool calculation workpapers, allocation base detail, approved provisional rate certifications, forward-pricing rate cert lookback. Partitioned per pool per fiscal period.
Per-employee per-day per-PLC per-charge-code timesheet history, expense reports, leave accruals, floor check records. DCAA timekeeping audit chain preserved end-to-end.
GL accounts, journal entries, vouchers, vendor master with FAR flowdowns, 1099 history, project invoices (T&M/CPFF/FFP/CPIF), WAWF iRAPT submission history with DCMA correspondence.
Earned-value records (BCWS/BCWP/ACWP), CPR/IPMR data, SPI/CPI history, variance explanations, control account budgets — feeds Fusion PPM EVMS or downstream EVMS analytics.
Manufacturing for defense product primes, MMAS-compliant Materials Management, Procurement with FAR/DFARS flowdowns, Subcontracts with CPSR compliance support.
From read-only application user provisioning to first scheduled delta extract in production, typically 3–5 calendar days.
Costpoint admin provisions dedicated read-only application user with scoped role assignments on the modules in your extraction plan. Credentials stored in your cloud KMS — Syntra never holds them in plaintext.
Connector runtime deployed to your cloud environment (containerized on Kubernetes, ECS, GKE, AKS, Cloud Run or bare VM). Output destination configured: S3/GCS/Azure Blob for files, plus optional Fusion FBDI/HDL drop targets. Direct-schema connectivity to Costpoint DB read-replica configured for pool calculation fallback.
Per-domain extraction scope configured (fiscal years, projects, pools). Schedule defined: one-shot bulk, nightly delta, weekly full snapshot, or any cron schedule. Output format per domain set: Parquet/JSON/FBDI/raw document.
Initial full-snapshot extract runs across all configured domains in parallel. For deep indirect-rate pool calculation history, throttled to off-peak windows or routed to DB read-replica. Signed manifest produced with counts, sums and hashes per partition for downstream reconciliation.
Scheduled delta runs execute on cron, capturing modified-since records since the last watermark. Run logs feed SOC 2 and DCAA business-system audit trail. Failures surface as alerts via email, Slack, PagerDuty or webhook — no silent drift.
The details that matter when the connector has to run unattended for years against a govt-contracting business system that supports active DCAA audits.
Every extract is idempotent — re-running the same scope produces byte-identical output. Failed runs resume from the last checkpoint rather than starting over, even for multi-year indirect-rate pool calculation pulls.
Respects Costpoint per-instance Web Services connection limits and DB read concurrency. Automatic back-off with exponential retry. Never throttles live user transaction posting during business hours.
Every run produces a signed JSON manifest with record counts, sum totals, hash signatures, and source-modified timestamps per partition — ready for downstream reconciliation and DCAA audit evidence.
Application-user credentials encrypted at rest in cloud KMS. Pool calculation workpapers and Parquet output encrypted at rest with KMS-managed keys. TLS 1.2+ in transit.
Prometheus metrics exposed for extraction throughput, error rates, Web Services latencies, DB read concurrency. Grafana dashboards shipped. Plug into your existing observability stack.
Every application-user authentication, every Web Service call, every direct-schema read, every output write logged with user, timestamp, scope and result. Audit logs ship to SIEM via syslog or CloudTrail.
A deltek costpoint etl connector is a production-grade software component that authenticates to a Costpoint environment, calls the Costpoint Web Services and direct database read interfaces, transforms the resulting data through governed crosswalks, and lands the output in a destination of your choice (data lake, warehouse, Fusion FBDI staging, downstream BI). It differs from generic ERP connectors in three structural ways: it natively understands Costpoint's mixed SOAP/REST Web Services architecture with all its version-line quirks; it has direct-schema fallback for audit-heavy data classes (deep indirect-rate pool calculation workpapers, executive comp cap tests, approved forward-pricing rate cert lookback) that Web Services don't expose cleanly; and it preserves the DCAA audit-trail evidence chain that federal contractors require for 7+ year contracting-officer lookback.
Every production-relevant Costpoint domain. Projects: master, hierarchy, account groups, project labor categories, budgets, EAC/ETC, allowable cost detail, CLIN/SLIN funding. Indirect Cost Pools: pool definitions, allocation bases, pool calculation workpapers, approved provisional rates, forward-pricing rate certifications. Accounting: GL accounts, fiscal year setup, organizational hierarchy, multi-state allocations, journal entries. AP: vendor master, vouchers, vendor labor, 1099 history, P-card transactions. AR: customer master, project invoices (T&M/CPFF/FFP/CPIF/CPAF), WAWF iRAPT submission history. Billing: billing detail, retainage, T&M rates by PLC, CLIN/SLIN structure. Time & Expense: timesheets, expense reports, labor distribution, leave balances, floor check records. Cobra (CER): earned value records, BCWS/BCWP/ACWP, CPR/IPMR data. Manufacturing + Materials Management for defense product primes. Procurement and Subcontracts with FAR/DFARS flowdowns.
The connector uses Costpoint's standard application-user authentication with role-based access control. Syntra ships a vetted pattern: dedicated read-only application user with scoped role assignments restricting access to only the modules in your extraction plan (Projects, AP, AR, Billing, T&E, Cobra), credentials stored in your cloud KMS, automatic credential rotation supported, all calls TLS 1.2+, comprehensive audit logging of every API call captured for SOC 2 and DCAA business-system audit. No admin password is ever stored, no service-account shortcut is used. The read-only role assignment can be reduced post-deployment without re-installing anything. Federal contractors in CMMC 2.0 Level 2 and DFARS 252.204-7012 security postures routinely pass internal security review on the first attempt.
Three primary output formats: Parquet (columnar, partitioned by fiscal year, project, business unit and pool, ideal for downstream analytics in Athena/BigQuery/Snowflake/Spark/Databricks), JSON Lines (newline-delimited JSON preserving the full Web Service response shape, ideal for streaming pipelines or downstream ETL), and Oracle Fusion-native loaders (FBDI ZIPs for Projects, GL Journals, AP Invoices, AR Invoices, Suppliers; HDL bundles for Worker context; REST API payloads for incremental delta loads). Attached documents (vendor invoices on vouchers, signed timesheet backups, contract modification PDFs) stream as their original binary into cloud object storage (S3/GCS/Azure Blob) with hash-signed sidecar JSON capturing source-system identifier and modified-timestamp. Custom output formats configurable per domain via plugin architecture.
The connector includes a built-in scheduler with cron syntax and supports modified-since delta extraction on every domain that exposes a watermark field (vouchers, timesheets, expense reports, journal entries, project transactions). Common production schedules: nightly delta extract feeding a downstream data warehouse for executive dashboards and analytics; weekly full-snapshot extract for compliance backup and DR; monthly indirect-rate pool calculation pull for DCAA audit lookback; ad-hoc reconciliation extracts during audit windows. Each scheduled run produces a signed manifest (counts, sums, hashes per partition) plus a run log captured for SOC 2 and DCAA business-system audit. Failures surface as alerts through email, Slack, PagerDuty or webhook — no silent drift during weeks when the controller isn't looking.
Quarterly extractor releases track Deltek's Costpoint roadmap. When Deltek introduces new Web Services endpoints in a Costpoint 8.x release line or modifies existing endpoint schemas, the Syntra connector picks up support in the next quarterly release. Backward compatibility is maintained for at least 18 months — your existing extraction configuration continues to work on the new connector version without modification. Breaking changes are flagged in release notes with migration guidance. Federal contractors running scheduled production extracts against live Costpoint instances do not need to chase Deltek version-upgrade announcements on their own; the connector handles the version-line evolution as a managed software product.
Yes. The connector deploys to your cloud environment (your AWS, GCP, Azure or on-premises) — Syntra ETL never holds your Costpoint credentials or your extracted data in Syntra's infrastructure. Deployment patterns supported: containerized on Kubernetes, ECS, GKE, AKS or Cloud Run; or bare VM. CMMC 2.0 Level 2 controls supported out of the box: KMS-encrypted credentials, TLS 1.2+ in transit, KMS-encrypted output at rest, comprehensive audit logging integrated with your SIEM via syslog or CloudTrail, role-based access on the connector runtime itself, network segmentation via VPC peering or PrivateLink. DFARS 252.204-7012 controlled-unclassified-information handling: extracted data remains within your CMMC boundary at all times.
Typical deployment timeline is 3–5 calendar days from kick-off to first scheduled delta extract running in production. Day 1: Costpoint admin provisions the dedicated read-only application user, scoped role assignments configured. Days 1–2: connector runtime deployed to your cloud environment, output destination configured (S3/GCS/Azure Blob, plus optional Fusion FBDI/HDL drop targets). Days 2–3: per-domain extraction scope configured (which fiscal years, which projects, which pools), schedule defined, output format per domain set. Days 3–5: initial full-snapshot extract runs across configured domains in parallel; signed manifest produced with counts, sums and hashes per partition. Day 5 onward: scheduled delta runs execute on cron, capturing modified-since records since the last watermark.
30-minute discovery call. We'll scope your Costpoint modules, indirect-rate pool calculation depth, T&E volume, application-user role provisioning and downstream destination — and have a working scheduled extract running against your environment within the week.