
AWS Config

lijulia edited this page Apr 16, 2021 · 8 revisions

If you are new to AWS, you can follow the step-by-step configuration guide below.

You can also use this document as a guide: AWS-step-by-step-config-with-chart.docx

Let's start

If you don't have an AWS account, register one at aws portal signup. If you already have an account, log in at aws portal login.


DAML depends on the S3, SQS and IAM components, and we recommend that all AWS components be in the same region.

  • region

Copy the region from your login portal URL or from the drop-down box in the upper right corner, and replace the "region" variable value with your region in data-annotator-for-machine-learning/annotation-service/config/app-os.js:

region: process.env.REGION || "xxx"

1. S3

You can also refer to the official documentation at https://docs.aws.amazon.com/s3/index.html.

1.1 Create Bucket

Bucket tab --> Create bucket --> input the bucket name and Region (use the same default region as the other components) --> Create bucket

  • bucketName

Replace the bucketName value with your new bucket name:

bucketName: process.env.BUCKET_NAME || "xxx"

1.2 Edit Bucket permissions

S3 --> Buckets --> click your Bucket name --> Permissions --> Cross-origin resource sharing (CORS) --> Edit --> replace with the JSON below --> Save changes

[
  {
    "AllowedHeaders": [
      "*"
    ],
    "AllowedMethods": [
      "GET",
      "PUT",
      "POST",
      "DELETE"
    ],
    "AllowedOrigins": [
      "*"
    ],
    "ExposeHeaders": []
  }
]

2. SQS

You can refer to the official documentation at https://docs.aws.amazon.com/sqs/index.html.

2.1 Create queue

SQS --> Create queue -->

select standard queue
input queue name
leave the other settings at their default values

--> Create Queue --> copy the queue URL

  • sqsUrl

Replace the sqsUrl value with the queue URL you copied:

sqsUrl: process.env.SQS_URL || "xxx"

3. IAM User

You can refer to the official documentation at https://docs.aws.amazon.com/iam/index.html.

3.1 Create Policies

Policies tab --> Create policy --> JSON --> input the JSON below

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ses:*",
                "s3:*",
                "sqs:*"
            ],
            "Resource": "*"
        }
    ]
}

--> Review Policy --> input the policy name --> Create policy
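
The policy above allows every ses, s3 and sqs action on every resource, and the CORS rule in step 1.2 accepts every origin. The following check is an added example, not part of the DAML project: it lists those wildcard grants so they can be narrowed to the bucket, queue and site origin actually in use. The function names are hypothetical; the two sample documents are the ones shown on this page.

```javascript
// Added example (not DAML code): list wildcard grants in an IAM policy
// document and in an S3 CORS configuration. Function names are hypothetical.
const toList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// One finding per wildcard action or resource in each Allow statement.
function auditIamPolicy(policy) {
  const findings = [];
  for (const stmt of toList(policy.Statement)) {
    if (stmt.Effect !== "Allow") continue;
    const id = stmt.Sid || "(no Sid)";
    for (const action of toList(stmt.Action)) {
      if (action === "*" || action.endsWith(":*")) {
        findings.push(`${id}: action ${action} covers every operation`);
      }
    }
    for (const resource of toList(stmt.Resource)) {
      if (resource === "*") {
        findings.push(`${id}: resource * is not limited to a named bucket or queue`);
      }
    }
  }
  return findings;
}

// One finding per CORS rule that accepts requests from any origin.
function auditCors(rules) {
  const findings = [];
  rules.forEach((rule, i) => {
    if (!toList(rule.AllowedOrigins).includes("*")) return;
    const writes = toList(rule.AllowedMethods).filter((m) => !["GET", "HEAD"].includes(m));
    findings.push(`rule ${i}: any origin may use ${writes.join(", ") || "read methods"}`);
  });
  return findings;
}

// The two documents exactly as they appear on this page.
const pagePolicy = {
  Version: "2012-10-17",
  Statement: [{ Sid: "VisualEditor0", Effect: "Allow",
                Action: ["ses:*", "s3:*", "sqs:*"], Resource: "*" }],
};
const pageCors = [{ AllowedHeaders: ["*"], AllowedMethods: ["GET", "PUT", "POST", "DELETE"],
                    AllowedOrigins: ["*"], ExposeHeaders: [] }];

for (const line of [...auditIamPolicy(pagePolicy), ...auditCors(pageCors)]) console.log(line);
```

An empty result from both functions means the policy names specific actions and resources and the CORS rule names specific origins.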

3.2 Create user

Users tab --> Add user --> input User Name and tick to allow Programmatic access --> Next: Permissions --> Next: Tags --> Next: Review --> Create user --> click Download.csv and save the csv file to your local system --> Close

3.3 Create Roles

Roles tab --> Create role --> Another AWS account --> input the Account ID (you can see it at the upper right, in the drop-down list under your name, My Account) --> Next: Permissions --> Next: Tags --> Next: Preview --> input Role name --> Create role

3.3.1 Edit Roles Trust Relationship

Click the Users tab --> copy the User ARN --> click Roles --> click the Role name you just created --> click Trust relationships --> click Edit trust relationship --> replace the root user with the User ARN you copied --> click Update Trust Policy

3.3.2 Edit Roles Permissions

Click Roles --> click Permissions --> click Attach policies --> filter the policies by the name of the policy you created in step 3.1 and select it --> click Attach policy

  • accessKeyId,secretAccessKey

Copy the Access key ID and Secret access key from the CSV file you downloaded (new_user_credentials.csv):

accessKeyId: process.env.ACCESSKEY_ID || "xxx"
secretAccessKey: process.env.SECRET_ACCESS_KEY || "xxx"

  • s3RoleArn,sqsRoleArn

Replace the s3RoleArn and sqsRoleArn values with the Role ARN: IAM --> Roles tab --> the Role you created in step 3.3 --> copy the Role ARN --> replace the null with the string value

s3RoleArn: process.env.S3_ROLEARN || "xxx"
sqsRoleArn: process.env.SQS_ARN || "xxx"
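
The values collected so far can be supplied through the environment variables that app-os.js reads instead of being typed into the file, which keeps the access key out of the repository. The following startup check is an added example, not DAML code: it rejects unset values and the "xxx" placeholder, and confirms that the queue URL is in the configured region, as recommended at the top of this page. The function name and sample values are constructed, and the URL and ARN patterns assume the standard `aws` partition.

```javascript
// Added example (not DAML code): validate the environment variables that
// config/app-os.js reads before the service starts. checkDamlEnv is a
// hypothetical helper; the patterns assume the standard "aws" partition.
const REQUIRED = ["REGION", "BUCKET_NAME", "SQS_URL", "ACCESSKEY_ID",
                  "SECRET_ACCESS_KEY", "S3_ROLEARN", "SQS_ARN"];
const ROLE_ARN = /^arn:aws:iam::\d{12}:role\/.+$/;
const QUEUE_URL = /^https:\/\/sqs\.([a-z0-9-]+)\.amazonaws\.com\/\d{12}\/[\w-]+$/;

function checkDamlEnv(env) {
  const problems = [];
  const isSet = (name) => Boolean(env[name]) && env[name] !== "xxx";

  for (const name of REQUIRED) {
    if (!isSet(name)) problems.push(`${name} is unset or still the "xxx" placeholder`);
  }
  // Both role variables hold the ARN of the role created in step 3.3.
  for (const name of ["S3_ROLEARN", "SQS_ARN"]) {
    if (isSet(name) && !ROLE_ARN.test(env[name])) {
      problems.push(`${name} is not an IAM role ARN`);
    }
  }
  // The queue URL carries its region; it should match REGION.
  if (isSet("SQS_URL")) {
    const match = QUEUE_URL.exec(env.SQS_URL);
    if (!match) problems.push("SQS_URL is not an SQS queue URL");
    else if (isSet("REGION") && match[1] !== env.REGION) {
      problems.push(`SQS_URL is in ${match[1]} but REGION is ${env.REGION}`);
    }
  }
  return problems;
}

// Constructed sample values; none of them is a real credential or resource.
const sampleEnv = {
  REGION: "us-west-2",
  BUCKET_NAME: "daml-example-bucket",
  SQS_URL: "https://sqs.us-west-2.amazonaws.com/123456789012/daml-example-queue",
  ACCESSKEY_ID: "EXAMPLE-ACCESS-KEY-ID",
  SECRET_ACCESS_KEY: "EXAMPLE-SECRET-ACCESS-KEY",
  S3_ROLEARN: "arn:aws:iam::123456789012:role/daml-example-role",
  SQS_ARN: "arn:aws:iam::123456789012:role/daml-example-role",
};

console.log(checkDamlEnv(sampleEnv)); // pass process.env instead at startup
```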

4. SES [ optional ]

If you want to use AWS SES as the email service, configure the settings below; otherwise you can skip this part.

You can also refer to the official documentation at https://docs.aws.amazon.com/ses/index.html.

4.1 Sandbox

SES starts in the sandbox by default, which means it only sends email to verified email addresses; both the sender and the recipient address must be verified. There are two ways to verify an email address: by Domains or by Email Addresses. By Domains, you verify all addresses in the same domain at once. By Email Addresses, you can only verify addresses one by one.

4.2 Production Access

With production access you can send to any email address, but you need to apply to the AWS team for it: SES --> Sending Statistics --> Edit your account Details --> input the basic information --> Submit for review

If you just want to run DAML with a small group of annotators, the sandbox is enough.

  • sender, enableEmail, useAWSSES [ optional ]

If you want to enable the send email function and use AWS SES as the email service, replace the sender, change enableEmail to true and change useAWSSES to true:

enableEmail: process.env.ENABLE_EMAIL || true,
useAWSSES: process.env.USE_AWS_SES || true,
sender: process.env.EMAIL_FROM || "xxx@xxx.com"