Configuring Jiglu to use Amazon Comprehend toxic content screening

To screen contributions submitted by users for potentially toxic content, Jiglu integrates with the Amazon Comprehend toxic content service. This analyses content for a number of potential

Note that Amazon Comprehend usage is charged based on the size of content checked and depending on the organisation's AI policy, Amazon may retain content submitted.

AWS configuration

To get started you will first need to create an account or role used to access Amazon Comprehend in the AWS console:

1. Log on to AWS.
2. Search for and then select the IAM service.
3. Select Policies on the left column and create a policy called JigluComprehendAccess and give it access to the Comprehend service's DetectToxicContent action.

You now have a choice of whether to use an Instance Profile for Jiglu to retrieve credentials to access Comprehend or whether to use static keys.

Instance Profile credentials

Instance profile credentials allow an EC2 server to obtain temporary credentials that refresh regularly via the systems manager. For information using this method see Using an IAM role to grant permissions to applications running on Amazon EC2 instances in the AWS documentation.

Static key credentials

Static credentials allow you to store the access details in the Jiglu configuration file. This will be simpler to set up but less secure.

4. In the AWS console in the IAM service select Users on the left column.
5. Select the Add user button, give it the name comprehenduser, check the Programmatic access checkbox and then the Next button.
6. On the Set permissions screen select the Attach existing policies directly tab and then select the JigluComprehendAccess policy. Now, unless you wish to assign the user to a tag, select the Next button through the next two screens and then the Create user button.
7. You now need to copy the values for the access key and secret key to somewhere safe for the next stage. The access key is a set of upper-case letters and numbers while the secret key a mix of base 64-encoded characters.

Jiglu configuration

Now you need to configure the access details and enable the analyser in the Jiglu bootstrap.properties file usually found in /etc/jiglu.

In the Amazon Web Services section of the file you will need to configure the credentials:

8. Set the com.jiglu.aws.authProvider property to either instance or static depending on your earlier choice.
9. If you chose static, set the com.jiglu.aws.accessKey property to the access key you noted down in step 7.
10. If you chose static, set the com.jiglu.aws.secretKey property to the secret key you noted down in step 7.

Next in the External content analysis section of the file you will need to configure the analyser:

11. Change the com.jiglu.contentAnalysis.toxicityAnalyser property from none to comprehend.
12. Ensure the com.jiglu.contentAnalysis.awsRegion property is set to the correct region.

You are now ready to restart the Jiglu server. If everything is correct then the system log (usually found in /var/log/jiglu/system.log for the current day) should contain an entry confirming that it was able to successfully connect to the Amazon Comprehend service as the user that you specified.