Skip to main content

Storage with AWS S3

This guide describes how to create a bucket in Amazon S3. You can use the bucket with Axinom Encoding as an input and/or output storage.

To create an AWS bucket:

  1. On the s3 AWS Console, click create bucket.

    Start creating a bucket

    width=1000

  2. During the bucket creation you should use unique name, proper AWS region and deselect all Block all public access, agree the acknowledge of the public access and create the bucket.

    Bucket initial settings

    width=1000

  3. Created bucket is not public yet. To make it properly accessed: open the bucket, go to permissions and click Edit in Bucket policy section

    Bucket permissions

    width=1000

  4. Add a new policy. The json to be added:

    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Sid": "PublicReadGetObject",
    "Effect": "Allow",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": "{bucket_arn}/*"
    }
    ]
    }

    Use Bucket ARN in the Resource. And if there is no any Errors, push Save changes.

    Bucket policy

    width=1000

  5. To make it available for a player usage Cross-origin resource sharing (CORS) has to be updated in the corresponded section under bucket permissions. Allowed Origins should contain list of the players URL which are going to use the bucket. Next save the changes.

    Bucket CORS

    width=1000

  6. Once the bucket is ready, additional user with correct access should be added in Amazon, which credential are needed to set up the Acquisition Profile. Go to Identity and Access Management (IAM) -> Users -> Create user

    IAM Add User

    width=1000

  7. Create User with proper permissions. Type User name and click "Next".

    IAM Set user details

    width=1000

    Set permissions to the user by Attach policies directlyand then Create policy

    IAM Create Policy

    width=1000

    Use Json editor and copy paste the object with Previously created pubic bucket name:

    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Sid": "AccessForEncoding",
    "Effect": "Allow",
    "Action": "s3:*",
    "Resource": "arn:aws:s3:::{previously_created_public_bucket_name}"
    }
    ]
    }

    IAM create policy

    width=1000

    Finish policy creation

    To review and create policy, add a policy name and check that access of the policy is correct.

    Further, add any tag if needed. We suggest adding some tags for more convenient management in future. Finally, click Create policy.

    width=1000

    IAM double check the created policy

    width=1000

  8. Continue with a new user creation and select the newly created policy after refreshing the list of policies.

    IAM new user select policy

    width=1000

  9. You can review the user details and permissions and add any tag if needed. We suggest adding some for the more convenient management in future. Finally click Create user.

    IAM user review and tags

width=1000

  1. Next, you need to create an access key for the user. Go to the new user and click Create access key

width=1000

Next, you need to select Application running outside AWS and click Next. In the next step you can add tags if you want.

Create access key

width=1000

Finally you will get the Access key and the Secret access key. You will need these credentials to set up the Acquisition Profile.

Retrieve access key

width=1000

warning

Secret Access Key is not be visible once the page will be closed. Store it securely for the further usage.