AWS Resources
Create the buckets, tables, and Rekognition collection.
Goal
Create the AWS resources the backend will rely on:
- S3 for raw uploads and thumbnails
- DynamoDB for photos, people, and occurrences
- Rekognition Collection for face matching
Use one region everywhere
Create ALL resources in the same region (recommended: us-east-1).
Rekognition collections are region-specific, and mismatches are a common
failure.
Minimum prerequisites
Make sure you have:
- AWS account access
- AWS CLI configured and working
- A single AWS region chosen (use the same region for everything in v2)
Quick check (CLI):
aws sts get-caller-identityshould return your account details.
AWS CLI setup
This project uses AWS CLI for Rekognition collection creation and verification. If your AWS CLI is not configured, complete this section before continuing.
Step 1: Install AWS CLI
-
Download and install AWS CLI v2 for your OS from the official AWS site.
-
After installation, verify:
aws --versionYou should see output like: aws-cli/2.x.x ...
Step 2: Configure credentials
Run:
aws configureEnter:
- AWS Access Key ID: (from your IAM user)
- AWS Secret Access Key: (from your IAM user)
- Default region name:
us-east-1 - Default output format:
json
Recommended default region
Set the default region to us-east-1 so you don’t forget the
region in commands.
Step 3: Verify you're authenticated
Run:
aws sts get-caller-identityExpected output contains your:
AccountArnUserId
If this fails, your credentials are not set up correctly.
Service Map
S3
We will use two buckets:
- Raw bucket (prefix:
photos-raw/) : stores original uploads - Thumbnails bucket (prefix:
faces-thumbs/): stores cropped face thumbnails and processed outputs
DynamoDB
We will create three tables:
Photostable: one record per uploaded photoPersonstable: one record per person clusterOccurrencestable: mapping of person ↔ photo with face metadata
Rekognition
We will create one Collection:
beetroot-faces
Note: S3 “folders” are just prefixes. We'll create them by uploading a placeholder object if needed.
Create resources (step-by-step)
Create bucket :
beetroot-raw- Go to S3 → Buckets → Create bucket
-
Bucket name:
beetroot-raw -
AWS Region:
us-east-1 - Block all public access: ON
- Versioning: ON
- Default encryption: ON (SSE-S3 is fine)
- Click Create bucket
Create bucket :
beetroot-thumbs- Go to S3 → Buckets → Create bucket
-
Bucket name:
beetroot-thumbs -
AWS Region:
us-east-1 - Block all public access: ON
- Versioning: ON
- Default encryption: ON (SSE-S3 is fine)
- Click Create bucket
Naming tip
S3 bucket names must be globally unique.
Create table :
Persons- Go to DynamoDB → Tables → Create table
- Table name:
Persons - Partition key:
personId(String) - Capacity mode: On-demand
- Click Create table
Create table :
Photos- Go to DynamoDB → Tables → Create table
- Table name:
Photos - Partition key:
photoId(String) - Capacity mode: On-demand
- Click Create table
Create table :
Occurrences- Go to DynamoDB → Tables → Create table
- Table name:
Occurrences - Partition key:
personId(String) - Sort key:
photoId(String) - Capacity mode: On-demand
- Click Create table
Why this key design?
This design makes the later API query simple:
- List people → read from
Persons - Photos for a person → query
OccurrencesbypersonId
Why CLI here?
Rekognition collections cannot be created via the AWS Console, they're only available through the CLI or SDK.
Skip step 1 if you have AWS CLI installed in your device.
- Open CloudShell in us-east-1
- In the AWS Console top bar, open CloudShell
- Ensure the region is
us-east-1
- Create the collection
Run:
aws rekognition create-collection ` --collection-id "beetroot-faces" ` --region us-east-1 - Verify the collection exists
Run:
aws rekognition list-collections --region us-east-1Confirm you see:
beetroot-faces
Checkpoint
By now, you should have:
- 2 S3 buckets (raw + thumbs)
- 3 DynamoDB tables (
Photos,People,Occurrences) - 1 Rekognition collection