If your media are stored in a location you can access on AWS S3, you can link that cloud location to your CrowdAI account and sync media to use in the platform.

If you already have your imagery in an S3 location, you can skip ahead to our article on uploading media from S3. If you don't yet have your media in S3, keep reading to get started!

Create an S3 bucket

In order to store files on AWS S3, you need to create an S3 bucket.

  1. Go to the “S3” section of your AWS Management Console.

  2. Click Create bucket.

  3. Fill in the unique bucket name (e.g. crowdai-imagery) and choose the region where you want to store your imagery and click next.

  4. You can optionally tweak the configuration. Click “Next.”

  5. For the highest security, we recommend blocking all public access to your bucket. The Platform will still be able to access your imagery.

  6. Review the bucket configuration and click create bucket.

Create an IAM policy

An IAM policy is used to manage access control. In order to access your files, the CrowdAI platform needs the following permissions:

IAM permission

Description

s3:ListBucket

List the objects in your S3 location. We need to know the names of your files to be able to import them.

s3:GetObject

Get a file. We need this permission to initiate a file download request.

s3:HeadObject

Get metadata. We need this permission to be able to collect additional information about files (e.g., file size, hash, etc.)

  1. Go to the “IAM” section of your AWS Management Console.

  2. In the sidebar, click Policies.

  3. Click Create policy.

  4. Choose JSON.

  5. Paste the following policy configuration, replacing the bucket name and the path with the location to which you have uploaded the imagery:

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowObjectAccess",
"Effect": "Allow",
"Action": [
"s3:HeadObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::crowdai-imagery/path/to/files/*"
]
},
{
"Sid": "AllowObjectsListing1",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::crowdai-imagery"
],
"Condition": {
"StringEquals": {
"s3:prefix": [
"path/to/files"
],
"s3:delimiter": [
"/"
]
}
}
},
{
"Sid": "AllowObjectsListing2",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::crowdai-imagery"
],
"Condition": {
"StringLike": {
"s3:prefix": [
"path/to/files/*"
]
}
}
}
]
}

If you plan to store your media in the bucket’s root, you will need to adjust some things. In the AllowObjectAccess statement, put the /* right after the bucket name:

"Resource": [
"arn:aws:s3:::crowdai-imagery/*"
]

In the AllowObjectsListing1 statement, change the prefix to an empty string in Conditions:

"Condition": {
"StringEquals": {
"s3:prefix": [
""
],
"s3:delimiter": [
"/"
]
}
}

6. Click Review policy.

7. Set a unique name for your new policy. For example, “CrowdAI Platform Access.”

8. Click Create policy to finish.

You're almost there!

Create an IAM user

To access your files, CrowdAI's platform needs credentials, in this case, an access key and a secret key.

  1. Go to the “IAM” section of your AWS Management Console.

  2. In the sidebar, click Users.

  3. Click Add user.

  4. Provide a unique user name. For example, crowdai-platform-access.

  5. In the Access type section, select Programmatic access and click Next.

  6. In the Set permissions section, select Attach existing policies directly.

  7. Search for the policy you just created in the previous step, select it, and click Next.

  8. You can optionally add tags to your IAM user. This information can be used to organize your IAM users database. Click Next.

  9. Review the user name and the policy attached and click Create user.

  10. Your new credentials will be displayed. Please note that the secret access key is displayed only once. Please save the key somewhere safe! You can click Download CSV to download the credentials to your computer.

For security reasons, we recommend you to delete the secret key from your computer as soon as you connect it to your CrowdAI account.

Did this answer your question?