Skip to main content
Skip table of contents

AWS Configuration


The first step when helping a customer set-up AWS credentials is to ask their IT department if they have:

  • Keys for a user with TranslateFullAccess and AmazonS3FullAccess policies

  • An S3 bucket that user has access to

If the customer does not have a keys for a user with that information or a bucket. Someone from their IT department will have to do the following:


Configuring the AWS Configuration in AI Hub, will enable the customer to access all available services via the AWS Bedrock ecosystem, including:

  • Amazon Titan Express

  • AI21 Labs

  • Anthropic Claude Models

  • Amazon Textract

  • Amazon Transcribe

Create a new user

  • Search for IAM and select IAM.

  • Select Users, “Create User”

  • You do not need to select “Provide user access to the AWS Management Console”

  • Attach policies directly

    • TranslateFullAccess

    • AmazonS3FullAccess

    • AmazonTextractFullAccess (OCR Only)

    • AmazonTranscribeFullAccess (ASR only)

  • Now click Create User

  • Search for the user created in the previous step and select

  • Click Security credentials

  • Click “Create access key”

  • Select Third-party service, select Next

  • Name the key

  • Download .csv file this is your “AWS Access Key ID” and “AWS secret access key”. You will not be able to recreate the .csv

Create AWS data access ARN

  • Search for the user you created in “Create user” steps

  • Click into the user

    • Scroll down to Permissions policies

    • Select “TranslateFullAccess”

    • The ARN will be on the top right

Create S3 Bucket

  • Type in S3 in bar

  • Click S3

  • Create Bucket

    • Choose an AWS region

      • We reccommend US-EAST-1

    • Select a General purpose

    • Name the bucket

    • Unselect “block public access”

    • Disable Bucket versioning

    • (Optional) we recommend that you add a LILT tag, so that you can track your usage

    • Click create the bucket

  • Enter this bucket name into LILT’s Amazon credentials, and select the region the Bucket is assigned


Q: Which Amazon Translate actions do I need to include in the IAM policy?

A: Translate, S3 bucket

Q: Do specific resource types need to be indicated in the policy or the ARN?

A: Ideally yes, you would create a very specific IAM. Without specific resource types, someone could have more or less privileges than what you want on your AWS account.

Q: For the ARN, we need more information about what exactly is required. Is this for encryption?

A: No it is to access translate client, S3, and other resources needed for translation.

Q: What happens if we turn on the “Use Terminology” option? Will this create a terminology resource in AWS with our Lilt glossary/TB or the other way around (it will use custom terminology already uploaded to AWS)?

A: LILT will send the terminology from the data source to AWS, and the terminology will be used in AWS.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.