This guide describes in detail how to add an external AWS S3 bucket as storage to Accurate Video, and how to ingest files from this storage as assets in Accurate Video.
The guide explains how to create a new user in AWS IAM, which is used by Accurate Video to get programmatic access through the S3 API. This is needed since the files located on the S3 bucket is not open to the public. By creating a new user it is also easy to revoke access, should it be needed.
The guide further shows how to add a bucket policy which gives access to the created user, and how to add the required CORS configuration.
Finally, the guide explains how to use the simple UI in Accurate Video to very quickly and easily connect the storage and ingest files.
The first step is to create a new user in AWS IAM (Identity and Access Management). The user will be used by the Accurate Video system to get access to the files located in the S3 bucket. By creating a new user, we can control and limit the access for this specific user, and it makes it easy to revoke or delete access in the future, should it be required.
Go to the AWS IAM page, and click on users. Click on “create user”. Give it a name that you will remember and enable the “programmatic access” checkbox.
Click to the next step of the user creation wizard.
On the second screen, specific permissions can be given to the user. In this case, no permissions should be given to the user, so make sure the user is not added to any groups or that any permissions are set.
By default, no permissions are added to the user. It should be OK to just click next to go to the third step of the user creation wizard.
Here you can add specific tags to the user if you wish. This is optional and is not required. A tag can be added to remember that this user was created for Accurate Video purposes.
Click next to proceed to the fourth step of the user creation wizard.
Review that everything looks OK before proceeding to the final step. There should be a warning showing that the user has no permissions. Make sure that the user AWS access type is set to programmatic access - with an access key.
Click on “create user” to proceed.
The user is now created!
Take note and write down the following information:
You will need the information above in subsequent steps, when the required bucket policy is added and when the storage is added to the Accurate Video interface.
In order to proceed, there is one more type of information required, the User ARN of the user that was just created.
In order to find this information, go back to the start page of AWS IAM. Click on “users”, and select the user just created by clicking on the user name.
A screen similar to the one above will be shown, at the top of the screen you will see the User ARN. This full string will need to be copied and remembered. There is a small icon next to the string which conveniently copies the string. Click on this to copy the string.
In this example the value is arn:aws:iam::010652268016:user/av-s3-user
In the following steps, an S3 bucket is created and configured. You can either choose to create a new S3 bucket, or re-use an existing. In this example, a new bucket is created.
Navigate to the AWS S3 start page. From here there will be a button to create a new bucket. Give the bucket a name, and select the region where the bucket should be created. In doesn’t matter, but recommended is to keep the bucket as close to the end-users as possible, as all content will be served from this bucket.
For the rest of the options, simply follow through the bucket creation wizard and use all default values for options and permissions.
After the bucket has been created, the required permissions will need to be added. Click on the bucket to open the details page. Click “permissions” at the top, and then “bucket policy”. You should see an empty screen where you can add text.
Copy and paste the following text into the bucket policy.
Take note of the bold parts highlighted above. These values will need to be changed according to your configuration. The first value is the user ARN that we extracted before. The second value is the actual name of the bucket.
Click save to update the bucket policy.
Copy and paste the following text:
<?xml version="1.0" encoding="UTF-8"?>
Click save to set the CORS configuration.
Note: If you know the exact origin of the Accurate Video system, you can limit this instead of setting the AllowedOrigin to * (accept anything).
Here you can find more information about CORS and why this configuration is needed: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
All settings are now set in AWS. Now it’s time to add the storage to Accurate Video.
Go to the Accurate Video start page, click on “storages” at the top. You should see a screen similar to the above, empty without any storages. If you have already added storage, it will show up here.
Click the “add storage” button at the top.
A modal with a form should pop up. Start by giving the storage a name, this is purely for identification and can be anything you want.
Enter the S3 bucket name, note that this represents the name in S3 that was used before. The region should also be set, this has to be the same region as in S3.
If you are unsure about what region codes, look at the following list:
Click “use custom credentials” and enter the AWS Access key and AWS Secret key from before. The AWS access key is a string all in upper case, and the AWS secret key is a slightly longer key mixed with both upper and lower characters.
Set a periodic refresh interval. This reflects how often the S3 bucket is queried and files within the bucket are updated. Note that it will poll the S3 API according to this schedule, so you don’t want to set it too high. In case the storage is very rarely updated, the best option could be to disable it.
Click on ingest at the top. Select the storage you just created. All files inside this storage will be shown.
Select the files you wish you ingest and click “ingest”.
A popup will be shown after clicking ingest. Here you can see a summary of the files that will be ingested.
All files will be associated with a single asset. For each file, the component type can be set (video, audio, subtitle). It can also be set to auto, in which case Accurate Video will automatically try to detect the type. Optionally, for each file, a tag and the language can be set.
An import job will be created that can be monitored by clicking on the jobs tab at the top.
Clicking on the job will show all substeps inside the job. Once the job finishes, the newly created asset will be available in the asset view.