Storage with AWS S3

This guide describes how to create a bucket in Amazon S3. You can use the bucket with Axinom Encoding as an input and/or output storage.

Create an AWS Bucket

Start creating a bucket

To create an AWS bucket:

1. On the s3 AWS Console, click create bucket.

   Start bucket creation

   

2. During the bucket creation you should use unique name, proper AWS region and deselect all Block all public access, agree the acknowledge of the public access and create the bucket.

   Bucket initial settings

   

Bucket permissions

1. Created bucket is not public yet. To make it properly accessed: open the bucket, go to permissions and click Edit in Bucket policy section

   Add permissions to the bucket

   

2. Add a new policy. The json to be added:

   {
     "Version": "2012-10-17",
     "Statement": [
       {
         "Sid": "PublicReadGetObject",
         "Effect": "Allow",
         "Principal": "*",
         "Action": "s3:*",
         "Resource": "{bucket_arn}/*"
       }
     ]
   }

   Use Bucket ARN in the Resource. And if there is no any Errors, push Save changes.

   Bucket policy

   

3. To make it available for a player usage Cross-origin resource sharing (CORS) has to be updated in the corresponded section under bucket permissions. Allowed Origins should contain list of the players URL which are going to use the bucket. Next save the changes.

   Bucket CORS

   

Create an IAM User

1. Once the bucket is ready, additional user with correct access should be added in Amazon, which credential are needed to set up the Acquisition Profile. Go to Identity and Access Management (IAM) -> Users -> Create user

   IAM Add User

   

2. Create User with proper permissions. Type User name and click "Next".

   IAM Set user details

   

   Set permissions to the user by Attach policies directlyand then Create policy.

   IAM Create Policy

   

   Use Json editor and copy paste the object with Previously created pubic bucket name:

   {
     "Version": "2012-10-17",
     "Statement": [
       {
         "Sid": "AccessForEncoding",
         "Effect": "Allow",
         "Action": "s3:*",
         "Resource": "arn:aws:s3:::{previously_created_public_bucket_name}"
       }
     ]
   }

   IAM create policy

   

   Finish policy creation

   To review and create policy, add a policy name and check that access of the policy is correct.

   Further, add any tag if needed. We suggest adding some tags for more convenient management in future. Finally, click Create policy.

   

   IAM double check the created policy

   

3. Continue with a new user creation and select the newly created policy after refreshing the list of policies.

   IAM new user select policy

   

4. You can review the user details and permissions and add any tag if needed. We suggest adding some for the more convenient management in future. Finally click Create user.

   IAM user review and tags

   

Create Access Key

1. Next, you need to create an access key for the user. Go to the new user and click Create access key

   

2. Next, select Application running outside AWS and click Next. In the next step you can add tags if you want.

   Create access key

   

3. Finally you will get the Access key and the Secret access key. You will need these credentials to set up the Acquisition Profile.

   Retrieve access key

   

warning

Secret Access Key is not be visible once the page will be closed. Store it securely for the further usage.