Disclaimer : The security of your S3 bucket is solely a client responsibility, and the integrity of your data will be at risk without it. We very strongly recommend securing your S3 bucket properly.
AWS Account Creation
You can quickly create your AWS Account. You should also contact your AWS contacts to get help with your AWS account setup.
AWS CloudFormation template
It’s possible to start from the Private S3 bucket AWS CloudFormation template and customize it for your needs for a faster deployment.
Disclaimer : This template is provided as an example only. It is your responsibility to validate that running the template will result in the configuration/policy/security settings your studio requires.
- Go the CloudFormation service in AWS Console
- Select Template is ready
- Set Amazon S3 URL to https://sg-shotgunsoftware.s3-us-west-2.amazonaws.com/tier1/cloudformation_templates/sg-private-s3-bucket.yml
- Set a stack name like ShotGrid-s3-bucket
- Set your S3 bucket name and your ShotGrid site name
I acknowledge that AWS CloudFormation might create IAM resources
CORS policy on your S3 bucket will be minimally configured, allowing only the required origin (your site) and methods, amongst other things.
The template will create an AWS Role with the following permissions on your bucket:
- Allow ShotGrid to access your S3 bucket.
- Allow the ShotGrid account to assume the role by setting the role Trust Relationship.
Media Isolation Activation
Please contact ShotGrid support via the dedicated Slack channel and provide the following information:
- S3 bucket name
- AWS Region
- ShotGrid Role ARN
ShotGrid will configure your test site to use your own S3 bucket.
At this stage, you should be able to upload and download media. The ShotGrid Transcoding Service should also be able to read, transcode and write back the thumbnails, filmstrip and web friendly versions of your media back to your S3 Bucket. To validate this:
- Log in your Migration Test Site.
- From the Navigation Bar, go the the Media app
- Once in the Media App, drag and drop or upload an image or a video from your computer. If you didn’t created a Project yet, you may have to create one first.
- A version should appear, with a thumbnail, in the Media App.
- Validate that you can playback the media by clicking the Play button.
- To validate that the media has been stored in your S3 bucket, from the media viewer, click on the cog and then select or hover over ‘view source’. The HTTPS link should contain your bucket name.
See Media Traffic Isolation to activate the Media Traffic Isolation feature.
See Web Traffic Isolation to activate the Web Traffic Isolation feature.
See Media Replication to activate the Web Traffic Isolation feature.
Go to Setup for an overview of the possible next steps.