Using Dynamic Ingest with S3

Product(s)
Video Cloud
Role(s)
API Developer
Task(s)
Add Videos/Assets
API(s)
Dynamic Ingest API

In this topic, you will learn how to ingest videos from your Amazon S3 account using the Dynamic Ingest API.

Overview

Dynamic Ingest can pull videos from your Amazon S3 bucket. If your S3 content is accessible to Everyone, there is nothing you need to do. If your content is protected, however, you will need to add a bucket policy allowing Dynamic Ingest to access your videos. This document explains how to do that.

Setting the S3 Policy

To set up your policy to allow Dynamic Ingest to access your videos, go to the AWS Console. Select your bucket, then select the "Permissions" tab, then click the "Bucket Policy" button. On the last row click Add bucket policy. Below is our recommended policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AddPerm",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::395540211253:root"
      },
      "Action": [
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::BUCKETNAME/*"
      ]
    },
    {
      "Sid": "Stmt1295042087538",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::749779118921:user/videocloud-ingestion"
      },
      "Action": [
        "s3:GetObjectAcl",
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::BUCKETNAME/*"
    }
  ]
}

There is only one change you must make to this bucket policy before it's ready to go:

  1. Replace {BUCKETNAME} with the name of your bucket. Leave the /* at the end of the Resource line, as that will apply the policy to every file within the bucket.
  2. Optionally, replace the Action array with the actions you want to allow. Valid actions that Video Cloud may need are:

    Object Permissions - first action array in the example above

    Bucket Permissions - second action array in the example above

    • s3:GetBucketLocation - allow Video Cloud to get the location of the bucket (US, EU, Asia, etc.)
    • s3:ListBucketMultipartUploads - allow Video Cloud to view any multipart uploads currently happening on the bucket

    Video Cloud does not need any write permissions.