Skip to main content
Sharing to AWS S3
Yoanna Hristova avatar
Written by Yoanna Hristova
Updated over 2 months ago

This integration enables users to add their own AWS S3 buckets as a share destination and can be added via the social accounts page.

How to add an S3 Account

  1. Select your USER icon in the top right-hand corner of the page

  2. Select SOCIAL ACCOUNTS from the drop-down menu

  3. Select ADD ACCOUNT

  4. Select S3 ACCOUNT from the menu

  5. Enter S3 INTEGRATION NAM

  6. Enter BUCKET NAME

  7. Enter a REGION

  8. Enter ACCESS KEY

  9. Enter SECRET ACCESS KEY

  10. THIS S3 BUCKET USES AWS S3 ACCELERATED UPLOADS - if your S3 bucket has accelerated uploads enabled then check this checkbox to utilise this functionality

  11. DEFAULT UPLOAD PATH - this is the object key value that is used to determine where in your S3 bucket your uploads will be uploaded to. This is a default and can be overridden when you share

  12. Select TEST CONNECTION

📕 Note: A credential can only be added after the user has finished inputting their details into the form and has then pressed the Test Connection button at the bottom. The testing connection will upload a grabyo-test-connection file to the root of the user's bucket to ensure end-to-end functionality. If the test passes the user will be able to press Submit and create the credential.

How to share to an S3 Account

  1. Enter a FILE NAME

  2. Check the relevant checkbox for the ASSETS TO UPLOAD ( THUMBNAIL, METADATA JSON, METADATA XML, CC WEBVTT or CC SRT)

  3. Enter UPLOAD PATH

  4. Select SHARE TO S3

File Name - This is the filename used when uploading a file to the S3 bucket. This field is pre-populated with the filename of the media in Studio and can be changed here when sharing.
Assets To Upload - If the media being shared to S3 has any of these assets, the user can check the relevant checkbox to ensure the asset is also uploaded to S3 alongside the media.
Upload Path - This field will be pre-populated with the Default Upload Path that was specified in the form for creating the S3 credential. This field can be changed to share the media to another location in the S3 bucket. The final destination path for this file will look like this: s3://<bucketName>/abc/xyz/<fileName>

💡 Tip: When Grabyo uploads media and its assets to an S3 bucket we first check if the files with the specified filenames exist. If they do, we version the files to ensure the files that are already in the bucket are not overwritten. If they do not exist, we upload them with the specified filename. Versioned files will contain a version number at the end of the filename. Example: filename(1).mp4
Every asset that has been uploaded alongside the media will have the same versioned filename.

Metadata Export

Metadata export is the exporting of JSON and XML metadata files for media assets when sharing to AWS S3.

Example data exported for a video:

{"assetId":"someAssetIdGoesHere","aspectRatio":"16:9","fileName":"someFilename.mp4","fileDurationInMilliseconds":139926,"fileSizeInBytes":32112007,"title":"This is the title of my clip","description":"A description","tags":["Tag1", "Tag2"]}
<MetadataOutput><assetId>someAssetIdGoesHere</assetId><aspectRatio>16:9</aspectRatio><fileName>someFilename.mp4</fileName><fileDurationInMilliseconds>139926</fileDurationInMilliseconds><fileSizeInBytes>32112007</fileSizeInBytes><title>This is the title of my clip</title><description>A description</description><tags><tag>Tag1</tag><tag>Tag2</tag></tags></MetadataOutput>

📕 Note: Metadata exports are supported for Videos, GIFs and Images

Example IAM policy:


Adding a new S3 account

IAM Setup

I would highly recommend that you create a new IAM user with programmatic access to interface with Grabyo. Grabyo recommends that the new user policy should follow the principle of least privilege (POLP) in order to limit what the user is able to do.

Example IAM policy:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::YOUR_BUCKET_NAME" ] }, { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject" ], "Resource": [ "arn:aws:s3:::YOUR_BUCKET_NAME/*" ] } ] }

📕 Note: The IAM user policy will require the permissions to upload objects to the bucket, get objects from the bucket, and list the contents of a bucket.

Did this answer your question?