AWS Config

lijulia edited this page Apr 28, 2021 · 8 revisions

If you are new to AWS, you can follow this step-by-step configuration guide.

You can also use this document as a guide: AWS-step-by-step-config-with-chart.pdf

Let's start

If you don't have an AWS account, sign up for one here. If you already have an AWS account, log in at the AWS portal login.

1. Region

DAML depends on the S3, SQS and IAM services, and we recommend using the same region for all of them.

Copy the region from your login portal URL or from the dropdown box in the upper right corner, and add it to the data-annotator-for-machine-learning/annotation-service/config/app-os.js file:

region: process.env.REGION || "xxx"

2. S3

See the official S3 documentation at https://docs.aws.amazon.com/s3/index.html.

2.1 Create Bucket

Bucket tab --> Create bucket --> input the bucket name and Region (use the same region as the other services) --> Create bucket.

Add the new bucket name to the data-annotator-for-machine-learning/annotation-service/config/app-os.js file:

bucketName: process.env.BUCKET_NAME || "xxx"

2.2 Edit Bucket Permissions

S3 --> Buckets --> click your bucket name --> Permissions --> Cross-origin resource sharing (CORS) --> Edit --> replace with the JSON below --> Save changes.

[
  {
    "AllowedHeaders": [
      "*"
    ],
    "AllowedMethods": [
      "GET",
      "PUT",
      "POST",
      "DELETE"
    ],
    "AllowedOrigins": [
      "*"
    ],
    "ExposeHeaders": []
  }
]

3. SQS

See the official SQS documentation at https://docs.aws.amazon.com/sqs/index.html.

3.1 Create Queue

SQS --> Create queue:

select Standard queue
input the queue name
leave the other settings at their default values

Copy the queue URL and add it to the data-annotator-for-machine-learning/annotation-service/config/app-os.js file:

sqsUrl: process.env.SQS_URL || "xxx"

4. IAM User

See the official IAM documentation at https://docs.aws.amazon.com/iam/index.html.

4.1 Create Policies

Policies tab --> Create policy --> JSON --> input the JSON below:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ses:*",
                "s3:*",
                "sqs:*"
            ],
            "Resource": "*"
        }
    ]
}

--> Review Policy --> input the policy name --> Create policy.
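
The policy in 4.1 and the CORS rules in 2.2 both grant by wildcard. The JavaScript below is an added example, not code from the DAML project: it flags those wildcards and runs the same check on a narrower variant of each. The bucket name, queue ARN, origin and the chosen action list are constructed placeholders and assumptions; adjust them to the calls your deployment actually makes.

```javascript
// Added example: flag wildcard grants in an IAM policy and in S3 CORS rules.
const asList = (v) => (Array.isArray(v) ? v : [v]);

function auditPolicy(policy) {
  const findings = [];
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== "Allow") continue;
    const id = st.Sid || "(no Sid)";
    for (const a of asList(st.Action)) {
      if (a === "*" || a.endsWith(":*")) findings.push(`${id}: ${a} allows every action of the service`);
    }
    if (asList(st.Resource).includes("*")) findings.push(`${id}: Resource "*" is not limited to named resources`);
  }
  return findings;
}

function auditCors(rules) {
  return rules
    .filter((r) => r.AllowedOrigins.includes("*"))
    .map((r) => `any origin may send ${r.AllowedMethods.join(", ")} from a browser`);
}

// The policy and CORS rules exactly as given on this page.
const pagePolicy = {
  Version: "2012-10-17",
  Statement: [{ Sid: "VisualEditor0", Effect: "Allow", Action: ["ses:*", "s3:*", "sqs:*"], Resource: "*" }],
};
const pageCors = [
  { AllowedHeaders: ["*"], AllowedMethods: ["GET", "PUT", "POST", "DELETE"], AllowedOrigins: ["*"], ExposeHeaders: [] },
];

// Narrower variants. ARNs, origin and action lists are placeholders (assumptions), not DAML's documented needs.
const scopedPolicy = {
  Version: "2012-10-17",
  Statement: [
    { Sid: "DamlBucket", Effect: "Allow",
      Action: ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      Resource: "arn:aws:s3:::EXAMPLE-BUCKET/*" },
    { Sid: "DamlQueue", Effect: "Allow",
      Action: ["sqs:SendMessage", "sqs:ReceiveMessage", "sqs:DeleteMessage"],
      Resource: "arn:aws:sqs:REGION:ACCOUNT_ID:EXAMPLE-QUEUE" },
  ],
};
const scopedCors = [{ ...pageCors[0], AllowedOrigins: ["https://daml.example.com"] }];

console.log(auditPolicy(pagePolicy), auditCors(pageCors));
console.log(auditPolicy(scopedPolicy), auditCors(scopedCors));
```

If you scope the policy this way, test uploads, queue processing and (if enabled) SES sending afterwards, since a missing action surfaces as an AccessDenied error at runtime.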

4.2 Create User

Users tab --> Add user --> input the user name and select programmatic access --> Next: Permissions --> Next: Tags --> Next: Review --> Create user --> click Download .csv and save the csv file to your local system --> Close.

4.3 Create Roles

Roles tab --> Create role --> Another AWS account --> input the account ID --> Next: Permissions --> Next: Tags --> Next: Preview --> input the role name --> Create role.

4.3.1 Edit Roles Trust Relationship

Click the Users tab --> copy the User ARN. Click Roles --> click the name of the role you just created --> click Trust Relationships --> click Edit trust relationship --> replace the root user with the user ARN you copied --> click Update Trust Policy.

4.3.2 Edit Roles Permissions

Click Roles --> click Permissions --> click Attach policies --> filter the policies by the name of the policy you created in 4.1 and select it --> click Attach Policy.

Copy the access key ID and secret access key from the downloaded csv file and add them to the data-annotator-for-machine-learning/annotation-service/config/app-os.js file:

accessKeyId: process.env.ACCESSKEY_ID || "xxx"
secretAccessKey: process.env.SECRET_ACCESS_KEY || "xxx"

Copy the S3 Role ARN and SQS Role ARN and add them to the data-annotator-for-machine-learning/annotation-service/config/app-os.js file:

s3RoleArn: process.env.S3_ROLEARN || "xxx"
sqsRoleArn: process.env.SQS_ARN || "xxx"

5. SES [ optional ]

If you want to use AWS SES as the email service, configure the settings as below; otherwise you can skip this part.

See also the official SES documentation at https://docs.aws.amazon.com/ses/index.html.

5.1 Sandbox

Sandbox is the default mode in SES. It only sends email between verified email addresses (both the sender and the recipient addresses must be verified). There are two ways to verify an email address: by Domains or by Email Addresses. By Domains, you verify all addresses of the same type at once. By Email Addresses, you can only verify them one by one.

5.2 Production Access

Production access can send to any email address. SES --> Sending Statistics --> Edit your account details --> input the basic information --> Submit for review.

If you just want to run DAML with a small group of annotators, sandbox is enough.

If you want to enable the send-email function and use AWS SES as the email service, replace the sender, change enableEmail to true and change useAWSSES to true:

enableEmail: process.env.ENABLE_EMAIL || true,
useAWSSES: process.env.USE_AWS_SES || true,
sender: process.env.EMAIL_FROM || "xxx@xxx.com"