Storage with AWS S3

This guide describes how to create a bucket in Amazon S3. You can use the bucket with Axinom Encoding as an input and/or output storage.

To create an AWS bucket:

1. On the s3 AWS Console, click create bucket.

   Start creating a bucket

   

2. During the bucket creation you should use unique name, proper AWS region and deselect all Block all public access, agree the acknowledge of the public access and create the bucket.

   Bucket initial settings

   

3. Created bucket is not public yet. To make it properly accessed: open the bucket, go to permissions and click Edit in Bucket policy section

   Bucket permissions

   

4. Add a new policy. The json to be added:

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Sid": "PublicReadGetObject",
               "Effect": "Allow",
               "Principal": "*",
               "Action": "s3:*",
               "Resource": "{bucket_arn}/*"
           }
       ]
   }

   Use Bucket ARN in the Resource. And if there is no any Errors, push Save changes.

   Bucket policy

   

5. As a result bucket should have Publicly accessible tag

   Bucket permissions

   

6. To make it available for a player usage Cross-origin resource sharing (CORS) has to be updated in the corresponded section under bucket permissions. Allowed Origins should contain list of the players URL which are ging to use the bucket. Save changes.

   Bucket CORS

   

7. Once the bucket is ready, additional user with correct access should be added in Amazon, which credential are needed to set up the Acquisition Profile. Go to Identity and Access Management (IAM) -> Users -> Add users

   IAM Add User

   

8. Create User with proper permissions. Type User name and select Access key - Programmatic access

   IAM Set user details

   

   Set permissions to the user by Attach existing policies directlyand then Create policy

   IAM Create Policy

   

   Use Json editor and copy paste the object with Previously created pubic bucket name:

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Sid": "AccessForEncoding",
               "Effect": "Allow",
               "Action": "s3:*",
               "Resource": "arn:aws:s3:::{previously_created_public_bucket_name}"
           }
       ]
   }

   IAM create policy

   

   Add any tag if needed. We suggest adding some for the more convenient management in future.

   IAM create policy

   

   Check the necessary info about the new policy, name it properly (understandable name) and create a new policy. Once it’s created check that access of the policy is correct.

   IAM Finish the creation

   

   IAM double check the created policy

   

9. Continue with a new user creation and select new created policy after refresh the list of locies.

   IAM new user select policy

   

10. Add any tag if needed. We suggest adding some for the more convenient management in future.

IAM user tags

11. Review New User and push Create user

IAM user review

As a result you will get user’s credentials. Both Access key ID and Secret access key should be copied and used for the Acquisition Profile setup.

warning

Secret Access Key is not be visible once the page will be closed. Store it securely for the further usage.

IAM user credentials