Skip to main content
This guide demonstrates how to use your cloud provider’s native logging tools to get full transparency into how and when Labelbox accesses your data via IAM Delegated Access. By monitoring these logs, you can maintain a complete, unchangeable record of every interaction, which is essential for security compliance and internal audits.

Gain visibility through logs

When you grant Labelbox access using the IAM Delegated Access method, every action our platform takes is authenticated by your cloud provider. Every time Labelbox temporarily assumes the IAM role to access a file for labeling, your cloud provider records that event in an audit log. These logs answer critical security questions:
  • Who made the request? (The specific Labelbox IAM role)
  • What resource was accessed? (The specific file/object in your bucket)
  • When did the access occur? (A precise timestamp)
  • From where was the request made? (The source IP address, which will be one of Labelbox’s servers)
By analyzing these logs, you can have complete confidence that Labelbox is only accessing data as needed for your users to perform their labeling tasks.

Step-by-step monitoring guides

One of the benefits of using IAM delegated access is that security-conscious teams can choose to access audit logs of when their raw data is read by Labelbox through their cloud provider.

AWS S3

Google GCS

Azure Blob Storage