Giving Amazon Personalize access to CloudWatch Giving Amazon Personalize access to your Amazon S3 bucket

Guidelines and requirements

Amazon Personalize starts calculating and reporting the impact of recommendations only after you create a metric attribution. To build the most complete history, we recommend creating a metric attribution before you import your interactions data. When you create a dataset import job for an Item interactions dataset with the Amazon Personalize console, you have the option to create a metric attribution in a new tab. Then you can return to the import job to complete it.

After you create a metric attribution and record events or import incremental bulk data, you will incur some monthly CloudWatch cost per metric. For information about CloudWatch pricing, see the Amazon CloudWatch pricing page. To stop sending metrics to CloudWatch, delete the metric attribution.

To see the impact of recommendations over time, keep importing data as customers interact with recommendations. If you have already imported data, you can still create a metric attribution and start measuring recommendation impact. However, Amazon Personalize won’t report on data that you imported before you created it.

The following are guidelines and requirements for generating reports with a metric attribution:

You must grant Amazon Personalize permission to access and put data in CloudWatch. For policy examples, see Giving Amazon Personalize access to CloudWatch.
To publish metrics to Amazon S3, give Amazon Personalize permission to write to your bucket. You also must provide the bucket path in your metric attribution. For policy examples, see Giving Amazon Personalize access to your Amazon S3 bucket.
To publish metrics to CloudWatch, records must be less than 14 days old. If your data is older, these records won't be included in calculations or reports.
Importing duplicate events (events that match for all attributes exactly) can lead to unexpected behavior including inaccurate metrics. We recommend that you remove duplicate records from any bulk data before import, and avoid importing duplicate events with the PutEvents operation.
Your Item interactions dataset must have an EVENT_TYPE column.
You can't create metric reports for data in a Action interactions dataset.
You can create at most one metric attribution per dataset group. Each metric attribution can have at most 10 metrics.

To compare sources, each interaction event must include a recommendationId or eventAttributionSource. You can provide at most 100 unique event attribution sources. For PutEvents code samples, see Event metrics and attribution reports.

If you provide a recommendationId, Amazon Personalize automatically determines the source campaign or recommender and identifies it in reports in an EVENT_ATTRIBUTION_SOURCE column.
If you provide both attributes, Amazon Personalize uses only the eventAttributionSource.
If you don't provide a source, Amazon Personalize labels the source SOURCE_NAME_UNDEFINED in reports.

Topics

Giving Amazon Personalize access to CloudWatch
Giving Amazon Personalize access to your Amazon S3 bucket

Giving Amazon Personalize access to CloudWatch

Important

When you grant permissions, Amazon Personalize places and validates a small amount of data in CloudWatch. This will incur a one-time cost of less than $0.30. For more information about CloudWatch pricing, see the Amazon CloudWatch pricing page.

To give Amazon Personalize access to CloudWatch, attach a new Amazon Identity and Access Management (IAM) policy to your Amazon Personalize service role that grants the role permission to use the PutMetricData Action for CloudWatch. The following policy example grants PutMetricData permissions.


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "cloudwatch:PutMetricData"
      ],
      "Resource": "*"
    }
  ]
}

Giving Amazon Personalize access to your Amazon S3 bucket

To give Amazon Personalize access to your Amazon S3 bucket:

Attach an IAM policy to your Amazon Personalize service role that grants the role permission to use the PutObject Action on your bucket.


{
    "Version": "2012-10-17",
    "Id": "PersonalizeS3BucketAccessPolicy",
    "Statement": [
        {
            "Sid": "PersonalizeS3BucketAccessPolicy",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::bucket-name",
                "arn:aws:s3:::bucket-name/*"
            ]
        }
    ]
}

Attach a bucket policy to your output Amazon S3 bucket that grants the Amazon Personalize principle permission to use the PutObject Actions.

If you use Amazon Key Management Service (Amazon KMS) for encryption, you must grant Amazon Personalize and your Amazon Personalize IAM service role permission to use your key. For more information, see Giving Amazon Personalize permission to use your Amazon KMS key.


{
    "Version": "2012-10-17",
    "Id": "PersonalizeS3BucketAccessPolicy",
    "Statement": [
        {
            "Sid": "PersonalizeS3BucketAccessPolicy",
            "Effect": "Allow",
            "Principal": {
                "Service": "personalize.amazonaws.com"
            },
            "Action": [
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::bucket-name",
                "arn:aws:s3:::bucket-name/*"
            ]
        }
    ]
}

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Measuring recommendation impact with a metric attribution

Creating a metric attribution