Question/Issue:
Hello, I’m new on Edge Impulse and I’ve configured a S3 bucket as data source for a project.
I wanted to know what are the access level used by Edge Impulse ?
I don’t want to give full permissions on the bucket using s3:*
, I would like to specify each access level. Do you have an example of a policy that I can reuse that covers it ?
Project ID: NA
Context/Use case:
This is what I have for now:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "EdgeImpulseAccess",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::267341338450-manual-edge-impulse/*"
]
}
]
}
1 Like
Eoin
March 26, 2024, 2:32pm
#2
Hi @callmemath-pro
Let me check that over for you and post back in a little bit.
Best
Eoin
1 Like
Eoin
March 26, 2024, 4:58pm
#3
Hi @callmemath-pro
Managing objects and listing the bucket contents should be all you need
"s3:GetObject",
"s3:PutObject",
"s3:ListBucket",
You can also restrict access based on the request origins too:
{
"CORSRules": [
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["PUT", "POST"],
"AllowedOrigins": ["https://studio.edgeimpulse.com"],
"ExposeHeaders": []
}
]
}
Best
Eoin
1 Like
Thanks, I could add the bucket but then got the error access denied
when adding a new dataset:
(even though it seems to be added anyway when I refreshed the page)
It gave me a successful response after I added "s3:DeleteObject"
as well.
Would be interesting to have a read-only bucket feature someday