-
Notifications
You must be signed in to change notification settings - Fork 23
AWS Config
If you fresh with AWS. and confuse for some AWS official guideline you can reference below step by step configs with descriptions.
You also can reference the this doc file. as the guideline: AWS-step-by-step-config-with-chart.docx
Let's start, fistly you you need register an account aws portal signup . If you already have an account. login directly aws portal login .
data-annotator-for-machine-learning need S3, SQS, IAM components as dependency. and we recommend all aws component are in the same region.
- region
Replace the default region,copy the region from your login portal url or The drop-down box in the upper right corner, and replace the null with string value in data-annotator-for-machine-learning/annotation-service/config/app-os.js
region: process.env.REGION || "xxx"
You also can ference the official guideline from here https://docs.aws.amazon.com/s3/index.html
Research "S3" and click then go to Amazon S3 page
Bucket Tab --> Create bucket --> input bucket name and Region(use the same default region with other components) copy the Bucket name and Region to some where first --> Create bucket
- bucketName
Replace the bucketName with you copied value just now
bucketName: process.env.BUCKET_NAME || "xxx"
S3 --> Buckets --> click your Bucket name --> Permissions --> Cross-origin resource sharing (CORS) --> Edit --> replace with the below json --> Save changes
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"PUT",
"POST",
"DELETE"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": []
}
]You also can ference the official guideline from here https://docs.aws.amazon.com/sqs/index.html
Research "SQS" and click "Simple Queue Service" then go to Amazon SQS page
SQS --> Create queue -->
selete standard queue
input queue name
others leave as default value
--> Create Queue --> copy the queue URL
- sqsUrl
Replace the sqsUrl with your copied string value
sqsUrl: process.env.SQS_URL || "xxx"
You also can ference the official guideline from here https://docs.aws.amazon.com/iam/index.html
Research "IAM" and click then go to Identity and Access Management (IAM) page
Policies tab --> Create policy --> JSON --> input the json below
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ses:*",
"s3:*",
"sqs:*"
],
"Resource": "*"
}
]
}--> Review Policy --> input the policy name --> Create policy
Users tab --> Add user --> input User Name and tick allow Programmatic access --> Next:Permisions --> Next:Tags --> Next:Review --> Create user --> click Download.csv (important, only have one opportunity to download) save the csv file to your local pc --> Close
Roles tab --> Create role --> Another AWS account --> input Account ID(you can see from right above, your name dropdown list, My Account) --> Next: Permissions --> Next:Tags --> Next:Preview --> input Role name --> Create role
Click User tab --> copy User ARN click Roles --> click the Role Name you created just now --> click Tust relationships --> click edit trust relationship --> replace the root user with you copied user role. -->click update Trust Policy
Click Roles --> click Permissions --> click Attach policies --> filter the policies with the name you just created in step1 and tick it --> click Attach policy
- accessKeyId,secretAccessKey
Replace the accessKeyId and secretAccessKey with string values copy the Access key ID and Secret access key from you download csv file (new_user_credentials.csv)
accessKeyId: process.env.ACCESSKEY_ID || "xxx"
secretAccessKey: process.env.SECRET_ACCESS_KEY || "xxx"
- s3RoleArn,sqsRoleArn
Replace the s3RoleArn and sqsRoleArn with string values IAM --> Roles Tab --> the Role you reated in I.step3 --> copy the Role ARN --> replace the null with string value
s3RoleArn: process.env.S3_ROLEARN || "xxx"
sqsRoleArn: process.env.SQS_ARN || "xxx"
If you want to use AWS SES as the email service, you can config this settings below, otherwise you can skip this part.
You also can ference the official guideline from here https://docs.aws.amazon.com/ses/index.html
Research "SQS" and click "Simple Email Service" then go to Amazon Simple Email Service(SES)page
Sandbox is default in SES, that is only send email to verified Email address, both sender and to email address. there are two ways to verify the email address by Domains or By Email Addresses By Domains you can verify all the same type email address. By Email Addresses you only can verify one by one.
Production can send to any email address, but need application from AWS Team. SES --> Sending Statistics --> Edit your account Details --> input the basic information --> Submit for review
If you just want to run Loop as the demo or just few workmate. sandbox if enough. but if you want to deploy to production for many users to use you need apply production access.anyway, you need a sender address
- sender, enableEmail, useAWSSES [ optional ]
If you want enable send email function and want to use AWS SES as the email service replace the sender, and change enableEmail to true and change useAWSSES to true
enableEmail: process.env.ENABLE_EMAIL || true,
useAWSSES: process.env.USE_AWS_SES || true,
sender: process.env.EMAIL_FROM || "xxx@xxx.com"