BlogVideos

Adding AWS credentials

See how you can add your AWS credentials to connect your own AWS S3 buckets to your datasets on Mindkosh.

To connect your AWS account with Mindkosh and add data, you first need to add your AWS credentials.

Create an IAM user on AWS

Create an IAM user on AWS, and attach a policy with read access rights over the bucket and location you intend to use. When asked to choose the AWS credential type. select Access key - Programmatic access. We do not require AWS console access.

An example policy you can attach to the new user is given below. Be sure to replace example-bucket with your own bucket name.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": [
                "arn:aws:s3:::<example-bucket>"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::<example-bucket>/*"
            ]
        }
    ]
}

Remember to save the API Access keys

Once you have created a new user, you will be prompted to save the Access keys you just created. Make sure to click on the "Download .csv" button. If you close the tab, and reopen it, you will not be able to view the Secret access key required to access data from your bucket.

Set CORS policy

In order to enable the browser to directly fetch the files from your cloud storage, you will need to set the right CORS policy on the bucket, so the browser does not block loading the files. Here is how you can do it for a bucket on AWS S3.

Permissions section on a AWS s3 bucket

  1. Open the bucket on the AWS console.

  2. Switch to the Permissions tab.

  3. Scroll down to the CORS section and enter the following policy.

[
    {
        "AllowedHeaders": [
            "Access-Control-Allow-Origin"
        ],
        "AllowedMethods": [
            "GET"
        ],
        "AllowedOrigins": [
            "https://app.mindkosh.com",
        ],
        "ExposeHeaders": [
            "Access-Control-Allow-Origin"
        ]
    }
]

Add credentials to Mindkosh

Once you have the access keys for the new user and have set the CORS policy, you are ready to add the keys to your organization on Mindkosh. Go to the Organization page and click on the Manage AWS access keys button. Next, enter the Access keys in the dialog box that opens.

Adding AWS access keys to organization

You only need to do this once. Once the keys are added, they will be used to access data for any task created with S3 by any member of your organization. Remember, if you do not want to give a user the ability to create tasks, move him to the Annotator user group from the Organization page.

Note that we only save the location of the images and not the images themselves. We then stream the images directly from the cloud using short-lived pre-signed URLs to access the images from the browser.

PreviousUploading dataNextOrganization

Last updated

Was this helpful?