Accurate Video S3 Storages

This guide describes in detail how to add an external AWS S3 bucket as storage to Accurate Video, and how to ingest files from this storage as assets in Accurate Video.

The guide explains how to create a new user in AWS IAM, which is used by Accurate Video to get programmatic access through the S3 API. This is needed since the files located on the S3 bucket is not open to the public. By creating a new user it is also easy to revoke access, should it be needed.

The guide further shows how to add a bucket policy which gives access to the created user, and how to add the required CORS configuration.

Finally, the guide explains how to use the simple UI in Accurate Video to very quickly and easily connect the storage and ingest files.

Add user

The first step is to create a new user in AWS IAM (Identity and Access Management). The user will be used by the Accurate Video system to get access to the files located in the S3 bucket. By creating a new user, we can control and limit the access for this specific user, and it makes it easy to revoke or delete access in the future, should it be required.

Add user

Go to the AWS IAM page, and click on users. Click on “create user”. Give it a name that you will remember and enable the “programmatic access” checkbox.

Click to the next step of the user creation wizard.

Permissions

On the second screen, specific permissions can be given to the user. In this case, no permissions should be given to the user, so make sure the user is not added to any groups or that any permissions are set.

Permissions

By default, no permissions are added to the user. It should be OK to just click next to go to the third step of the user creation wizard.

Tags

Here you can add specific tags to the user if you wish. This is optional and is not required. A tag can be added to remember that this user was created for Accurate Video purposes.

Tags

Click next to proceed to the fourth step of the user creation wizard.

Review

Review that everything looks OK before proceeding to the final step. There should be a warning showing that the user has no permissions. Make sure that the user AWS access type is set to programmatic access - with an access key.

Review

Click on “create user” to proceed.

Copy access key & secret key

The user is now created!

Review

Take note and write down the following information:

  • User name
  • Access key ID
  • Secret access key

You will need the information above in subsequent steps, when the required bucket policy is added and when the storage is added to the Accurate Video interface.

Copy AWS user account ID

In order to proceed, there is one more type of information required, the User ARN of the user that was just created.

Copy user key

In order to find this information, go back to the start page of AWS IAM. Click on “users”, and select the user just created by clicking on the user name.

A screen similar to the one above will be shown, at the top of the screen you will see the User ARN. This full string will need to be copied and remembered. There is a small icon next to the string which conveniently copies the string. Click on this to copy the string.

In this example the value is arn:aws:iam::010652268016:user/av-s3-user

Create an S3 bucket

In the following steps, an S3 bucket is created and configured. You can either choose to create a new S3 bucket, or re-use an existing. In this example, a new bucket is created.

Create bucket

Navigate to the AWS S3 start page. From here there will be a button to create a new bucket. Give the bucket a name, and select the region where the bucket should be created. In doesn’t matter, but recommended is to keep the bucket as close to the end-users as possible, as all content will be served from this bucket.

For the rest of the options, simply follow through the bucket creation wizard and use all default values for options and permissions.

Add bucket policy

After the bucket has been created, the required permissions will need to be added. Click on the bucket to open the details page. Click “permissions” at the top, and then “bucket policy”. You should see an empty screen where you can add text.

Bucket policy

Copy and paste the following text into the bucket policy.

{
"Version": "2008-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::010652268016:user/av-s3-user"
},
"Action": [
"s3:GetObject",
“s3:PutObject”,
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::av-sales-demos",
"arn:aws:s3:::av-sales-demos/*"
]
}
]
}

Take note of the bold parts highlighted above. These values will need to be changed according to your configuration. The first value is the user ARN that we extracted before. The second value is the actual name of the bucket.

Click save to update the bucket policy.

S3 CORS configuration

You will need to add a CORS configuration to your bucket to access files from the JavaScript interface of Accurate Video. Click on “CORS configuration”.

CORS configuration

Copy and paste the following text:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>Content-Range</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Click save to set the CORS configuration.

Note: If you know the exact origin of the Accurate Video system, you can limit this instead of setting the AllowedOrigin to * (accept anything).

Here you can find more information about CORS and why this configuration is needed: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing

Connect storage

All settings are now set in AWS. Now it’s time to add the storage to Accurate Video.

Connect storage

Go to the Accurate Video start page, click on “storages” at the top. You should see a screen similar to the above, empty without any storages. If you have already added storage, it will show up here.

Click the “add storage” button at the top.

Add storage

A modal with a form should pop up. Start by giving the storage a name, this is purely for identification and can be anything you want.

Add storage

Enter the S3 bucket name, note that this represents the name in S3 that was used before. The region should also be set, this has to be the same region as in S3.

If you are unsure about what region codes, look at the following list:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions

Click “use custom credentials” and enter the AWS Access key and AWS Secret key from before. The AWS access key is a string all in upper case, and the AWS secret key is a slightly longer key mixed with both upper and lower characters.

Set a periodic refresh interval. This reflects how often the S3 bucket is queried and files within the bucket are updated. Note that it will poll the S3 API according to this schedule, so you don’t want to set it too high. In case the storage is very rarely updated, the best option could be to disable it.

Select files

Click on ingest at the top. Select the storage you just created. All files inside this storage will be shown.

Select files

Select the files you wish you ingest and click “ingest”.

Ingest

A popup will be shown after clicking ingest. Here you can see a summary of the files that will be ingested.

Ingest

All files will be associated with a single asset. For each file, the component type can be set (video, audio, subtitle). It can also be set to auto, in which case Accurate Video will automatically try to detect the type. Optionally, for each file, a tag and the language can be set.

Monitor job

An import job will be created that can be monitored by clicking on the jobs tab at the top.

Monitor job

Clicking on the job will show all substeps inside the job. Once the job finishes, the newly created asset will be available in the asset view.

AWS Elemental - Setup, Connect and Transcoding Accurate Video AWS EC2