Permissions and Security in Amazon Augmented AI - Amazon SageMaker

Permissions and Security in Amazon Augmented AI

When using Amazon Augmented AI (Amazon A2I) to create a human review workflow for your ML/AI application, you create and configure resources in Amazon SageMaker such as a human workforce and worker task templates. To configure and start a human loop, you either integrate Amazon A2I with other AWS services such as Amazon Textract or Amazon Rekognition, or use the Amazon Augmented AI Runtime API. To create a human review workflow and start a human loop, you must attach certain policies to your AWS Identity and Access Management (IAM) role or user. Specifically:

  • When you start a human loop using image input data on or after January 12th, 2020, you must add a CORS header policy to the Amazon S3 bucket that contains your input data. See CORS Permission Requirement to learn more.

  • When you create a flow definition, you need to provide a role that grants Amazon A2I permission to access Amazon S3 both for reading objects that are rendered in a human task UI and for writing the results of the human review.

    This role must also have a trust policy attached to give SageMaker permission to assume the role. This allows Amazon A2I to perform actions in accordance with permissions that you attach to the role.

    See Add Permissions to the IAM Role Used to Create a Flow Definition for example policies that you can modify and attach to the role you use to create a flow definition. These are the policies that are attached to the IAM role that is created in the Human review workflows section of the Amazon A2I area of the SageMaker console.

  • To create and start human loops, you either use an API operation from a built-in task type (such as DetectModerationLabel or AnalyzeDocument) or the Amazon A2I Runtime API operation StartHumanLoop in a custom ML application. You need to attach the AmazonAugmentedAIFullAccess managed policy to the user that invokes these API operations to grant permission to these services to use Amazon A2I operations. To learn how, see Create a User That Can Invoke Amazon A2I API Operations.

    This policy does not grant permission to invoke the API operations of the AWS service associated with built-in task types. For example, AmazonAugmentedAIFullAccess does not grant permission to call the Amazon Rekognition DetectModerationLabel API operation or Amazon Textract AnalyzeDocument API operation. You can use the more general policy, AmazonAugmentedAIIntegratedAPIAccess, to grant these permissions. For more information, see Create a User With Permissions to Invoke Amazon A2I, Amazon Textract, and Amazon Rekognition API Operations. This is a good option when you want to grant a user broad permissions to use Amazon A2I and integrated AWS services' API operations.

    If you want to configure more granular permissions, see Amazon Rekognition Identity-Based Policy Examples and Amazon Textract Identity-Based Policy Examples for identity-based policies you can use to grant permission to use these individual services.

  • To preview your custom worker task UI template, you need an IAM role with permissions to read Amazon S3 objects that get rendered on your user interface. See a policy example in Enable Worker Task Template Previews .

CORS Permission Requirement

Earlier in 2020, widely used browsers like Chrome and Firefox changed their default behavior for rotating images based on image metadata, referred to as EXIF data. Previously, images would always display in browsers exactly how they are stored on disk, which is typically unrotated. After the change, images now rotate according to a piece of image metadata called orientation value. This has important implications for the entire machine learning (ML) community. For example, if the EXIF orientation is not considered, applications that are used to annotate images may display images in unexpected orientations and result in incorrect labels.

Starting with Chrome 89, AWS can no longer automatically prevent the rotation of images because the web standards group W3C has decided that the ability to control rotation of images violates the web’s Same-Origin Policy. Therefore, to ensure human workers annotate your input images in a predictable orientation when you submit requests to create a human loop, you must add a CORS header policy to the S3 buckets that contain your input images.

Important

If you do not add a CORS configuration to the S3 buckets that contains your input data, human review tasks for those input data objects fail.

You can add a CORS policy to an S3 bucket that contains input data in the Amazon S3 console. To set the required CORS headers on the S3 bucket that contains your input images in the S3 console, follow the directions detailed in How do I add cross-domain resource sharing with CORS?. Use the following CORS configuration code for the buckets that host your images. If you use the Amazon S3 console to add the policy to your bucket, you must use the JSON format.

JSON

[{ "AllowedHeaders": [], "AllowedMethods": ["GET"], "AllowedOrigins": ["*"], "ExposeHeaders": [] }]

XML

<CORSConfiguration> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> </CORSRule> </CORSConfiguration>

The following GIF demonstrates the instructions found in the Amazon S3 documentation to add a CORS header policy using the Amazon S3 console.

Gif on how to add a CORS header policy using the Amazon S3 console.

Add Permissions to the IAM Role Used to Create a Flow Definition

To create a flow definition, attach the policies in this section to the role that you use when creating a human review workflow in the SageMaker console, or when using the CreateFlowDefinition API operation.

  • If you are using the console to create a human review workflow, enter the role Amazon Resource Name (ARN) in the IAM role field when creating a human review workflow in the console.

  • When creating a flow definition using the API, attach these policies to the role that is passed to the RoleArn parameter of the CreateFlowDefinition operation.

When you create a human review workflow (flow definition), Amazon A2I invokes Amazon S3 to complete your task. To grant Amazon A2I permission to retrieve and store your files in your Amazon S3 bucket, create the following policy and attach it to your role. For example, if the images, documents, and other files that you are sending for human review are stored in an S3 bucket named my_input_bucket, and if you want the human reviews to be stored in a bucket named my_output_bucket, create the following policy.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::my_input_bucket/*" ] }, { "Effect": "Allow", "Action": [ "s3:PutObject" ], "Resource": [ "arn:aws:s3:::my_output_bucket/*" ] } ] }

In addition, the IAM role must have the following trust policy to give SageMaker permission to assume the role. To learn more about IAM trust policies, see Resource-Based Policies section of Policies and Permissions in the AWS Identity and Access Management documentation.

{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowSageMakerToAssumeRole", "Effect": "Allow", "Principal": { "Service": "sagemaker.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }

For more information about creating and managing IAM roles and policies, see the following topics in the AWS Identity and Access Management User Guide:

Create a User That Can Invoke Amazon A2I API Operations

To use Amazon A2I to create and start human loops for Amazon Rekognition, Amazon Textract, or the Amazon A2I runtime API, you must use a user that has permissions to invoke Amazon A2I operations. To do this, use the IAM console to attach the AmazonAugmentedAIFullAccess managed policy to a new or existing user.

This policy grants permission to a user to invoke API operations from the SageMaker API for flow definition creation and management and the Amazon Augmented AI Runtime API for human loop creation and management. To learn more about these API operations, see Use APIs in Amazon Augmented AI.

AmazonAugmentedAIFullAccess does not grant permissions to use Amazon Rekognition or Amazon Textract API operations.

Note

You can also attach the AmazonAugmentedAIFullAccess policy to an IAM role that is used to create and start a human loop.

To provide access, add permissions to your users, groups, or roles:

For more information, see Adding and Removing IAM Identity Permissions in the AWS Identity and Access Management User Guide.

Create a User With Permissions to Invoke Amazon A2I, Amazon Textract, and Amazon Rekognition API Operations

To create a user that has permission to invoke the API operations used by the built-in task types (that is, DetectModerationLables for Amazon Rekognition and AnalyzeDocument for Amazon Textract) and permission to use all Amazon A2I API operations, attach the IAM managed policy, AmazonAugmentedAIIntegratedAPIAccess. You may want to use this policy when you want to grant broad permissions to a user using Amazon A2I with more than one task type. To learn more about these API operations, see Use APIs in Amazon Augmented AI.

Note

You can also attach the AmazonAugmentedAIIntegratedAPIAccess policy to an IAM role that is used to create and start a human loop.

To provide access, add permissions to your users, groups, or roles:

For more information, see Adding and Removing IAM Identity Permissions in the AWS Identity and Access Management User Guide.

Enable Worker Task Template Previews

To customize the interface and instructions that your workers see when working on your tasks, you create a worker task template. You can create the template using the CreateHumanTaskUi operation or the SageMaker console.

To preview your template, you need an IAM role with the following permissions to read Amazon S3 objects that get rendered on your user interface.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::my_input_bucket/*" ] } ] }

For Amazon Rekognition and Amazon Textract task types, you can preview your template using the Amazon Augmented AI section of the SageMaker console. For custom task types, you preview your template by invoking the RenderUiTemplate operation. To preview your template, follow the instructions for your task type:

  • Amazon Rekognition and Amazon Textract task types – In the SageMaker console, use the role's Amazon Resource Name (ARN) in the procedure documented in Create a Worker Task Template.

  • Custom task types – In the RenderUiTemplate operation, use the role's ARN in the RoleArn parameter.

Using Amazon A2I with AWS KMS Encrypted Buckets

If you specify an AWS Key Management Service (AWS KMS) customer managed key to encrypt output data in OutputConfig of CreateFlowDefinition, you must add an IAM policy similar to the following to that key. This policy gives the IAM execution role that you use to create your human loops permission to use this key to perform all of the actions listed in "Action". To learn more about these actions, see AWS KMS permissions in the AWS Key Management Service Developer Guide.

To use this policy, replace the IAM service-role ARN in "Principal" with the ARN of the execution role you use to create the human review workflow (flow definition). When you create a labeling job using CreateFlowDefinition, this is the ARN you specify for RoleArn. Note that you cannot provide a KmsKeyId when you create a flow definition in the console.

{ "Sid": "AllowUseOfKmsKey", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::111122223333:role/service-role/example-role" }, "Action": [ "kms:Encrypt", "kms:Decrypt", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:DescribeKey" ], "Resource": "*" }

Additional Permissions and Security Resources