Versions Compared

Version Old Version 3 New Version 4
Changes made by

johan.skaneby

johan.skaneby

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the following how-to article you will learn how to configure an AWS S3 bucket for basic integration with Vidispine API / Vidinet. The steps described in this article will require.

  • a AWS account with the necessary control over the permissions needed for integration with Vidispine /Vidinet

  • a basic Basic understanding of the AWS services such as S3 ( the cloud storage)  and IAM ( the AWS permissions service ) 

  • an verified Verified installation of Vidispine API / Vidinet

  • a verified Verified S3 bucket set up in your AWS account in order to attach this service to Vidinet

Table of contents

Table of Contents

...

In order for this user to have access to the S3 resource you previously created, an IAM Policy needs to be set on this user. This can be done in several ways, one way is to use an inline policy for the user. Navigate to IAM Service once more, click Users and then click on the specific user you want to change permissions on. In our case this would be the user vidinet-user. Click the add inline policy button on the permissions tab for the user.

The permissions this user needs on the S3 resource objects are: GetObjectPutObjectDeleteObject and DeleteObjectVersion. For the S3 bucket itself the user needs: ListBucket and GetBucketLocation. Finally the user needs permission to list all buckets for this account: ListAllMyBuckets for all resources.

 

To achieve this enter the JSON tab on the inline policy and fill in the policy information. For us, this would look like the following: 

Code Block
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowUserToReadWriteObjectDataInBuckets",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:DeleteObjectVersion"
            ],
            "Resource": [
                "arn:aws:s3:::my-vaas-storage/*"
            ]
        },
        {
            "Sid": "AllowListingOfBuckets",
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": [
                "arn:aws:s3:::my-vaas-storage"
            ]
        },
        {
            "Sid": "AllowListingOfAllBuckets",
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets"
            ],
            "Resource": "*"
        }

    ]
}

...

You may choose to use different S3 buckets or simply use a single bucket with different subdirectories for storage or thumbnails.

Info

This how-to article describe a basic setup of an AWS bucket. For more advanced security and permission configuration of your AWS service to meet your companies requirements, please refer to AWS knowledge-base in the Related articles below.

Creating an S3 Bucket on AWS

...