Arize AI
Search…
Bucket Policy
Describes the bucket policy approach
A bucket policy authorizes Arize to access the data via the file importer service. The bucket policy is supplied by the Arize when you are constructing a file import job.
Below is what a S3 policy may look like:
The policy to apply is provided during job creation

arize_file_importer_read_only.json

1
{
2
"Version":"2012-10-17",
3
"Statement":[
4
{
5
"Sid":"Arize-File-Importer",
6
"Action":[
7
"s3:GetBucketTagging",
8
"s3:GetObject",
9
"s3:ListBucket"
10
],
11
"Effect":"Allow",
12
"Resource":[
13
"arn:aws:s3:::<YOUR-BUCKET>",
14
"arn:aws:s3:::<YOUR-BUCKET>/*"
15
],
16
"Principal":{
17
"AWS":[
18
"arn:aws:iam::<REDACTED>:role/arize-importer"
19
]
20
}
21
}
22
]
23
}
Copied!

Sample Terraform with Policy

1
resource "aws_iam_policy" "arize_file_importer_read_only" {
2
name = "arize_file_importer_read_only"
3
path = "/"
4
policy = file("arize_file_importer_read_only.json")
5
}
Copied!
Questions? Email us at [email protected] or Slack us in the #arize-support channel
Copy link
Contents