|This article applies to:||
Allows customer to host their own assets, but still utilize Alegion platform business logic for granting asset read access to authorized workers.
Secure - only an authorized worker gets access to view the asset, and only while performing annotation work on that asset.
Self-hosted - the customer hosts the assets, not Alegion. Alegion never sees the asset bytes, only asset metadata like filename, frames-per-second, number of frames, etc.
Asset Access for Annotation Worker
In a nutshell, the customer hosts their assets in an S3 bucket in their own AWS account. The Alegion platform uses a
signed url to grant an authorized worker secure, limited-time access to a specific asset, while the worker is annotating that asset. When the customer is hosting assets in their own S3 bucket, they simply need to grant permission to read that bucket to the Alegion Asset IAM role. The Alegion platform is then able to generate valid signed urls for assets in the customer’s bucket, which are passed to authorized workers.
Process Flow Diagram
Option - Automated Image Asset Registration
Depending on the desired workflow, we can also set up automated asset registration on the customer’s S3 bucket. This involves creating an Event Trigger on the bucket which invokes a Lambda in Alegion’s AWS account every time a new asset is added to the customer bucket. The Lambda then calls the Alegion API to register (but not upload) that asset. This alleviates the need for the customer to write and run their own code to call the asset registration API, or use an out-of-band method for registration.
Option - Automated Video Asset Validation and Registration
The Alegion platform requires more metadata about video assets than about image assets. Specifically, it needs frames-per-second and frame count. Therefore, to implement the same style of automated registration for videos as was described for images, the Lambda needs read access to the bucket in order to analyze the assets at registration time. In this setup, the asset bytes are still never stored on the Alegion side, and the Lambda only accesses the bytes for the duration of the analysis. We have created a tool that performs the necessary analysis and also validates that the video file doesn’t have any known issues that would cause a problem when displayed to the worker in the annotation tool.