Support & information center

How to Create a Data Stream

testRTC currently implements data streams using AWS S3 buckets cloud object store.

Table of contents

Create an S3 bucket

To use data streams, you will need to create an S3 bucket in your AWS account. To create an S3 bucket in your AWS account, you can follow these steps:

  1. Sign in to the AWS Management Console and open the Amazon S3 console at Amazon S3.
  2. Click on the Create Bucket button.
  3. Enter a unique name for your bucket. This name needs to be unique globally, so if the name you have chosen is already in use, you will need to choose a different name.

Important: Avoid including sensitive information, such as account number, in the bucket name. The bucket name is visible in the URLs that point to the objects in the bucket.

  1. Choose a region for your bucket. Select the region that is closest to your location to minimize latency.
  2. Leave the other settings at their default values or configure them as required for your use case.
  3. Click on the “Create bucket” button at the bottom of the page to create your bucket.

Congratulations! You have successfully created an S3 bucket in your AWS account.

Create IAM Policy and User

At the end of this process, you will have an IAM user account with a policy attached, along with all necessary permissions. This IAM account will provide you with an ‘access key’ and a ‘secret access key’ which you will later need to complete the data stream setup. Without this, we won’t be able to upload any data streams to your S3 bucket!

  1. Navigate to the IAM service on the Amazon console.
  2. In the navigation pane on the left, choose “Policies” and click on the “Create Policy” button.
  3. In the “Create Policy” page, select the “JSON” tab.
  4. In the “Edit policy” section, add the following JSON code and edit it as necessary.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:AbortMultipartUpload"
            ],
            "Resource": [
                "arn:aws:s3:::{yourBucketName}",
                "arn:aws:s3:::{yourBucketName}/*"
            ],
            "Effect": "Allow"
        }
    ]
}

Note: This policy grants the user permission to get and list objects and object versions in the specified S3 bucket.

  1. Once you have entered your policy JSON code, click on “Next: Tags” to move to the next page.
  2. Optional: You may add tags if you wish, when you are done click “Next: Review” to review your policy details.
  3. Enter a name and description for your policy and click on the “Create policy” button to create your new IAM policy. The policy name will appear in the list of policies when you are adding it to your IAM user profile!

Note: You can now attach this policy to an IAM user by going to the “Permissions” tab and selecting the policy from the list of available policies.

  1. Select “Users” on the left menu and press the Add user button shown in Blue.
  2. Enter any username and click Next.
  3. In the next step, choose “Attach policies directly” from the options provided, then search for the policy you created and select it.
  4. Click Next to move to the next step, and then click Create User to complete the user setup.
  5. When the page refreshes, find and click your new user name in the list to view your user’s configuration settings.
  6. Navigate to the Security credentials tab.
  7. Scroll down to find the “Access Keys” section and click Create access key.
  8. Choose ‘Application running outside AWS’ and click Next.
  9. Provide a brief description for the use of this access key and click Create access key.

Important: Use the download option to save your keys as a .csv file. If you lose or forget your secret access key, you cannot retrieve it. Instead, you need to create a new access key and make the old key inactive.

Result: You now have an IAM user account with a policy attached. This account has provided you with an access key and a secret access key which you will need later to complete the data stream setup.

Edit Policy Permissions

To finalize the setup you just need to edit the policy permissions to provide access to testRTC to interact with the S3 bucket.

  1. Log in to the AWS Management Console and navigate to the S3 service.
  2. Select the bucket whose policy you want to edit.
  3. Click on the “Permissions” tab and select “Bucket Policy”.
  4. Add the following JSON code into the policy editor and make the necessary changes to the code
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowGetObjectPutObjectProjectIdFolder",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::203698524759:user/testrtc" //change to the 'ARN'for your user name. This can be found under your user name in the 'Users' section on the S3 platform.
            },
            "Action": [
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::{yourBucketName}/{yourProjectId}" //you can find yourProjectId by selecting a project on the testRTC platform. It will be shown at the end of the URL in the address bar. It will look similar to this 55bed333d5d5ca11004afdcv
        },
        {
            "Sid": "AllowListBucketProjectIdFolder",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::203698524759:user/testrtc" //change to the 'ARN'for your user name.
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::{yourBucketName}",
            "Condition": {
                "StringLike": {
                    "s3:prefix": "{yourProjectId}/*"
                }
            }
        }
    ]
}
  1. After making the changes to the policy, click on the “Save changes” button to save your changes.

Send to Support

Once created, pass the following parameters to our support team to complete the data stream setup:

  • accessKeyId: This is created as part of your IAM security profile.
  • secretAccessKey: This is created as part of your IAM security profile.
  • S3 bucket name: The name of the bucket you have created for data streams.
  • Filename prefix: The prefix to use for the files created. This can be whatever you want it to be. 
  • Collection interval: The number of minutes to wait between export functions. You can set it to anything from 5 minutes to 1,440 (a full day).

Best practices

  • Once a new file is created in an S3 bucket, it is good practice to use event notifications in AWS to be notified of that, collect the file, and delete it.
  • The frequency of data uploads can be set to anything from 5 minutes to 1,440 (a full day). The more data you are expecting, the smaller the interval should be.

Was this article helpful?

Yes No

Related Articles