Brightspot Integrations Guide

Configuring a Comprehend policy and role in AWS


This topic explains how to configure an AWS permission, role, and user for allowing access to the Comprehend service. After you complete this configuration, you can proceed with the integration into Brightspot as described in Configuring the Comprehend integration.

Note
The following procedure describes an activity in a third-party application. While Brightspot periodically validates this procedure, individual steps may change in the interim without our knowledge. If you notice an inaccuracy, please leave feedback using the widget at the bottom of this topic.
Caution
The steps in this procedure specify AWS users or roles with permissions that may not be appropriate for all environments. Before deploying this procedure in a production environment, ensure that the permissions you configure conform to your company's security policies.

Step 1: Create a custom policy for Comprehend

AWS Comprehend includes several language features. Brightspot requires only two of these features: detect entities and detect key phrases. In this step, you create a custom policy that enables only those features.

  1. In the AWS console, click Services > Security, Identity, & Compliance > IAM.
  2. In the left rail, click Access management > Policies.
  3. Click Create policy.
  4. In the Specify permissions widget, click JSON.
  5. Delete the existing statements, and paste the following:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
              "s3:GetObject",
              "s3:ListBucket",
              "s3:PutObject",
              "comprehend:BatchDetectEntities",
              "comprehend:BatchDetectKeyPhrases"
            ],
          "Resource": "*"
        }
      ]
    }

  6. Click Next.
  7. In the Review and create widget, enter a policy name and description.
  8. Click Create policy.

Step 2: Create a Comprehend role

In this step, you create a role associated with a default policy for accessing Comprehend.

  1. In the AWS console, click Services > Security, Identity, & Compliance > IAM.
  2. In the left rail, click Access management > Roles.
  3. Click Create role.
  4. Under Trusted entity type, select AWS service.
  5. From the Service or use case list, filter for Comprehend.
  6. Select Comprehend.
  7. Click Next.
  8. In the Permissions policies widget, under Policy name, ensure ComprehendDataAccessRolePolicy appears. (This is a standard policy that has more permissions than necessary. In a later step you remove this policy and add the one you created.)
  9. Click Next.
  10. In the Name, review, and create widget, enter a role name and description.
  11. Click Create role.

Step 3: Attach the custom policy to the Comprehend role

In this step, you attach the Comprehend policy to the Comprehend role.

  1. In the Roles widget, click the role you created. in "Step 2: Create a Comprehend role."
  2. Under Permissions policies, do the following:
    1. Remove the default policy ComprehendDataAccessRolePolicy.
    2. Click Add permissions > Attach policies.
    3. Filter for and select the custom policy you created in "Step 1: Create a custom policy for Comprehend."
    4. Click Add permissions.

Proceed to the procedure in Configuring the Rekognition Image integration using the role you created. You can then test the integration by generating suggested tags and sections as described in Applying suggested tags to images.

Previous Topic
Configuring the Comprehend integration
Next Topic
Applying suggested tags and sections
Was this topic helpful?
Thanks for your feedback.
Our robust, flexible Design System provides hundreds of pre-built components you can use to build the presentation layer of your dreams.

Asset types
Module types
Page types
Brightspot is packaged with content types that get you up and running in a matter of days, including assets, modules and landing pages.

Content types
Modules
Landing pages
Everything you need to know when creating, managing, and administering content within Brightspot CMS.

Dashboards
Publishing
Workflows
Admin configurations
A guide for installing, supporting, extending, modifying and administering code on the Brightspot platform.

Field types
Content modeling
Rich-text elements
Images
A guide to configuring Brightspot's library of integrations, including pre-built options and developer-configured extensions.

Google Analytics
Shopify
Apple News