-
-
Save tchaton/12ad4b788012e83c0eb35e6223ae09fc to your computer and use it in GitHub Desktop.
use private s3. buckets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This gist describes the steps process to add a private bucket on Lightning AI | |
# 1. Go on your AWS account and search for IAM | |
# 2. From the left tab, create a policy on AWS with the following JSON. Replace the bucket with yours. | |
{ | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Sid": "PermissionForObjectOperations", | |
"Effect": "Allow", | |
"Action": [ | |
"s3:*" | |
], | |
"Resource": [ | |
"arn:aws:s3:::{YOUR_BUCKET}", | |
"arn:aws:s3:::{YOUR_BUCKET}/**" | |
] | |
}, | |
{ | |
"Sid": "PermissionToAssume", | |
"Effect": "Allow", | |
"Action": [ | |
"sts:AssumeRole" | |
], | |
"Resource": [ | |
"{THE ROLE NAME CREATED IN STEP 2}" | |
] | |
} | |
] | |
} | |
# 3. Create a role and reference the permission policy created above. | |
{ | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Sid": "Statement1", | |
"Effect": "Allow", | |
"Principal": { | |
"AWS": "arn:aws:iam::158793097533:root" | |
}, | |
"Action": "sts:AssumeRole" | |
} | |
] | |
} | |
# 4. Update the policy with the role arn. | |
# 5. Add the arn as a secret on Lightning AI |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment