Ango Hub Docs
Open Ango HubContact iMerit
  • Ango Hub Documentation
  • Video Guides
  • Changelog
  • FAQs & Troubleshooting
  • All Keyboard and Mouse Shortcuts
  • Core Concepts
    • Assets
    • Attachments
    • Batches
    • Benchmarks
    • Category Schema (Ontologies)
    • Frame Interpolation
    • Geofencing
    • Idle Time Detection & Time Tracking
    • Instructions
    • Issues
      • Issue Error Codes
    • Label Validation
    • Labeler Performance
    • Labeling
    • Labeling Queue
    • Multiple Classification
    • Notifications
    • Organizations
    • Projects
    • Requeuing
    • Reviewing
    • Review Queue
    • Skipping
    • Stage History
    • Tasks
    • Usage
    • User Roles
    • Workflow
      • Complete
      • Consensus
      • Hold
      • Label
      • Logic
      • Plugin
      • Review
      • Start
      • Webhook
  • Labeling
    • Managing Users in Projects
      • Profile Page
    • Managing the Project Ontology
    • Labeling Editor Interface
      • Audio Labeling Editor
      • Image Labeling Editor
      • Video Labeling Editor
      • DICOM Labeling Editor
      • Medical Labeling Editor
        • 3D Bounding Box
        • Fill Between Slices
        • Island Tools
        • Line (Tape Measure)
        • Smoothing
      • PDF Labeling Editor
      • Text (NER) Labeling Editor
      • LLM Chat Labeling Editor
      • Markdown Labeling Editor
      • 3D Multi-Sensor Fusion Labeling Editor
    • Labeling Classes
      • Tools
        • Bounding Box
        • Brush
        • Entity
        • Message
        • Nested Classifications
        • PCT
        • PDF Tool
        • Point
        • Polygon
        • Polyline
        • Rotated Bounding Box
        • Segmentation
        • Spline
        • Voxel Brush
      • Classification
        • Checkbox
        • Multiple Dropdown
        • Radio
        • Rank
        • Single Dropdown
        • Text
        • Tree Dropdown Tools (Single and Multiple Selection)
      • Relation
        • Single Relation
        • Group Relation
    • Magnetic Lasso
    • Performance & Compatibility Considerations
  • Data
    • Data in Ango Hub
      • Embedding Private Bucket Files in MD Assets
    • Importing Assets
      • Asset Builder
      • Bundled Assets
        • Importing Multiple Images as One Multi-Page Asset
        • Importing Multiple Single-Frame DICOM Files as One Multi-Page Asset
        • Importing multiple DICOM files to be annotated and displayed at once
        • Importing Multiple Single-Frame DICOM Files as a DICOM Series
        • Importing Multiple Markdown Files as One Multi-Page Asset
      • File Explorer
      • Supported Asset File Types & Codecs
      • Importing Cloud (Remote) Assets
      • Importing From Local Machine
      • Creating and Importing LLM Chat Assets
      • Importing Data in the 3D Multi-Sensor Fusion Labeling Tool
      • Bulk Importing Markdown/HTML Assets
      • Importing Attachments during Asset Import
      • Importing Annotations during Asset Import
      • contextData: Adding Extra Data to Assets
      • Importing Reference Images as Overlay
      • Importing Reference Medical Data During Asset Import
    • Importing and Exporting Annotations
      • Importing Annotations
        • Ango Import Format
        • Importing Brush Traces
        • Importing NRRD Annotations
      • Exporting Annotations
        • Ango Export Format
          • Asset
            • Task
              • Tools
              • Classifications
              • Relations
          • Stage History
    • Adding and Managing LLMs
    • Storages
      • Set up a storage integration with Azure
      • Set up a storage integration with AWS S3
      • Set up a storage integration with MinIO and S3-compatible custom storage services
      • Set up a storage integration with GCP (Google Cloud Platform)
      • Set up CORS
      • Validating Storage Integrations
    • Purging Data from Ango Hub
  • Plugins
    • Overview of Plugins in Ango Hub
      • Installing Plugins
      • Plugin Setting Presets
      • Monitoring Plugin Progress
    • First-Party Plugins
      • Ango Export Converter Plugins
      • Asset Converter Plugins
      • Ango to Mask Converter
      • Batch Assignment
      • ChatGPT
      • Column-Agnostic Markdown Generator
      • CSV Export for Classification
      • DALL-E
      • DALL-E (Model Plugin)
      • File Explorer Plugin
      • General Object Detector
      • General Object Segmenter
      • Markdown Generator
      • One-Click Segmentation
      • Open World Object Detection
      • Optical Character Recognition
      • TPT Export
      • YOLO | Instance Segmentation
      • YOLO | Pose Estimation
      • YOLO | Object Detection
      • YOLO | Image Classification
    • Plugin Developer Documentation
      • Export Plugins
      • Batch Model Plugins
      • Model Plugins
      • File Explorer Plugins
      • Markdown Generator Plugins
      • Plugin Logger
      • [WIP] Deploying your Plugin
      • Plugin 'Host' Information
  • SDK
    • SDK Documentation
      • Project Level SDK Functions
        • add_members_to_project
        • assign_batches
        • assign_task
        • create_attachment
        • create_batch
        • create_issue
        • create_label_set
        • create_project
        • delete_issue
        • export
        • exportV3
        • get_assets
        • get_batches
        • get_issues
        • get_metrics
        • get_project
        • get_project_performance
        • get_task
        • get_tasks
        • get_task_history
        • import_labels
        • list_projects
        • requeue_tasks
        • rerun_webhook
        • update_workflow_stages
        • upload_files
        • upload_files_cloud
        • upload_files_with_asset_builder
        • upload_chat_assets
      • Organization Level SDK Functions
        • create_storage
        • delete_organization_invites
        • delete_organization_members
        • delete_storage
        • get_organization_invites
        • get_organization_members
        • get_storages
        • invite_members_to_org
        • update_organization_members_role
    • SDK - Useful Snippets
    • SDK Changelog
  • API
    • API Documentation
  • How-To
    • Add Members
      • Add multiple users to a project
    • Annotate
      • Annotate 3D Point Cloud Files on Ango Hub
      • Perform targeted OCR on images
    • Export Data
      • Automatically send Ango Hub Webhook contents to Google Sheets, Email, Slack, and more with Zapier
      • Download a JSON of your project ontology
      • Download DICOM Segmentation Masks
      • Download your annotations in the COCO, KITTI, or YOLO format
      • Download your Segmentation Masks
      • Get your export as separate JSON files for each asset
    • Manage a Project
      • Get your API Key
      • Get your Organization ID
      • Mute your notifications
      • Open an asset provided the Asset ID
      • Pre-label assets
      • Share a filtered view of the Tasks table with others
      • Transfer project ontologies between projects
      • Transfer project workflows between projects
    • Perform Model Evaluation on Ango Hub
  • Troubleshooting
    • I get a "0 Tasks Labeled" alert when trying to pre-label tasks
    • I get a 'The data couldn't be loaded properly' error when opening certain assets
    • I get a "Unknown Classification" warning when opening a task
  • Feature Availability Status for projects of the 3D Multi-Sensor Fusion type
  • Comparison between QuickServe and Ango Hub
  • Changes from Ango Hub Legacy
  • Video V2 Breaking Changes and Transition
  • Data Access, Storage, and Security
  • Two-Factor Authentication
  • Single Sign-On (SSO) Support
  • Customer Support
  • Ango Hub Status Page
Powered by GitBook
On this page
  • Configure CORS (Mandatory step)
  • Method 1: Connect your Cloud Storage by creating an IAM User for Ango Hub
  • Method 2: Connect your Cloud Storage by using IAM Delegation
  • Initialize Ango Hub integration
  • Set up IAM role and policy on AWS S3
  • Finalize Ango Hub integration
  • Preparing and Uploading the JSON for Import
  1. Data
  2. Storages

Set up a storage integration with AWS S3

How to import assets in private buckets on AWS S3 for labeling on Ango Hub

PreviousSet up a storage integration with AzureNextSet up a storage integration with MinIO and S3-compatible custom storage services

Last updated 3 months ago

Administrators and project managers can import assets to Ango Hub from AWS private S3 buckets.

Once you have created a storage integration by following the steps in this page, you are ready to import files by providing Ango Hub with URLs to files in your private buckets. You may follow the steps in this page to do so:

There are two ways to allow Ango Hub to access private bucket data: through creating an IAM user for Ango Hub, or by setting up IAM delegation. Both methods function identically, with the only difference being in the setup and the access Ango Hub obtains.

Configure CORS (Mandatory step)

The CORS header below allows Ango Hub to send a request to your cloud storage, and allows your cloud storage to explicitly allow requests from Hub. This is a necessary step to ensure Hub can connect to your private bucket.

Method 1: Connect your Cloud Storage by creating an IAM User for Ango Hub

Once you've set up CORS for your bucket, you will need to create a connection between Hub and the bucket itself.

To link your bucket to Hub with the IAM User method, you will need your bucket's Access Key ID and Secret Key. To obtain them, you will need to create an IAM user on your cloud storage provider's management dashboard. .

Both your Access Key ID and your Secret Access Key will be alphanumeric strings, the former 20 and the latter 40 characters long.

Once you have obtained the two strings, go to , then click on Storages and Add Storage.

From the dialog that pops up, pick "AWS S3" and click on "Next".

Provide your connection with a unique name, pick your provider, select your region, and input the aforementioned keys. From the "Access Type" selector, pick "IAM User", then click on "Next".

Your bucket will be linked to Hub, and it will show up in your list of integrations.

Integrations belong to your organization, not your user.

If you want to be able to access your non-public cloud data in multiple organizations, you will have to integrate Hub with AWS in every one of them.

Method 2: Connect your Cloud Storage by using IAM Delegation

If you do not wish to or cannot create a new IAM user for Ango, you may use IAM delegation to connect your private bucket to Ango Hub.

Initialize Ango Hub integration

  1. From Ango Hub, click on Organization in the top bar.

  2. Enter the Storages tab.

  3. Click on Add Storage. The "Add Storage" dialog will appear. Pick "AWS S3" from the picker, and click on "Next". Keep this tab open as you will enter information here later.

Set up IAM role and policy on AWS S3

  1. In a new tab, open your AWS S3 console.

  2. Navigate to the bucket(s) you would like to connect to Hub. For each bucket you would like to connect, take note of the Amazon Resource Name (ARN) for it:

  1. From the "IAM" section, navigate to the "Policies" sub-section, then click on "Create Policy"

  1. Click on "JSON"

  1. In the Policy Editor, paste the following JSON. In the "Resource" property, paste the bucket ARNs you have copied in step 5. Each ARN will have to be copied twice: once by itself, and once with a trailing /*. This will allow Hub to access both the bucket and its contents.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": [
                "arn:aws:s3:::your-bucket-name/*",
                "arn:aws:s3:::your-bucket-name",
                "arn:aws:s3:::your-second-optional-bucket-name/*",
                "arn:aws:s3:::your-second-optinal-bucket-name"
            ]
        }
    ]
}
Property
Description

Version

The formatting version of the policy. Use the version dated 2012-10-17.

Effect

Specifies that the actions listed below will be allowed.

Action

The actions that will be allowed. In this case, Ango Hub is given read-only access to the bucket.

Resource

The buckets that Ango Hub will be able to access.

  1. Click on the "Next" button at the bottom of the screen.

  2. In the "Policy Name" text area, enter a name for the new policy.

  3. Click on "Create Policy" at the bottom.

  4. From the IAM section of the AWS dashboard, enter the "Roles" sub-section and click on "Create Role":

  1. Click on "Custom trust policy"

  2. In the text area that appears, paste the following JSON:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::397578311638:user/angohub-delegate"
            },
            "Action": "sts:AssumeRole",
            "Condition": {
                "StringEquals": {
                    "sts:ExternalId": "your-external-id-for-the-role-here"
                }
            }
        }
    ]
}

The "Principal -> AWS" property must be pasted as-is and it is the same for all users: arn:aws:iam::397578311638:user/angohub-delegate

In the sts:externalId property, enter an external ID by which this role will be known. You will need this later when finalizing the integration with Ango Hub.

  1. Click on "Next".

  2. From the "Add Permissions" page that appears, enable the checkbox next to the policy you have created in step 11.

  3. Click on "Next".

  4. In the "Role name" field, enter a name for this role.

  5. Click on "Create Role".

  6. From the "Roles" sub-section, click on the role you have just created, and copy its ARN. You will need it later:

Finalize Ango Hub integration

  1. Go back to the Ango Hub tab you had opened in step 3.

  2. In the "Add Storage" dialog, enter a unique name for your storage, enter the name of the region where the bucket is located, select "IAM Delegated" in the "Access Type" selector, then paste the Role ARN and the External IDs we took note of earlier.

Preparing and Uploading the JSON for Import

You will be shown a screen asking you if you'd like to validate whether your storage has been succesfully connected to Ango Hub. Please follow the instructions on for information on how to use the validation form. When you are done, click on "Create Storage". You may click on it immediately if you wish to skip validating your storage integration.

Ensure you have first set up the CORS policy for your bucket correctly by following the steps .

Click on "Next" to optionally validate your storage integration (more details in its ). Click on "Create Storage" to finalize the integration.

After connecting your bucket, you will need to prepare a JSON file containing each asset’s as well as the asset's full absolute path and, optionally, other information.

Follow the steps outlined in the docs page on .

this docs page
in this page
dedicated docs page here
Importing Cloud (Remote) Assets
Importing Cloud (Remote) Assets
The steps to follow to set up CORS with Ango Hub can be found here.
More information on how to do this here
your organization's page
external ID