|
| 1 | +# S3 Bucket Configuration |
| 2 | +1. (Create an S3 bucket)[https://docs.aws.amazon.com/AmazonS3/latest/userguide/create-bucket-overview.html], with any name |
| 3 | +2. Navigate to the S3 bucket permissions and add the following CORS policy. This is for development only, as it allows CORS from any origin. |
| 4 | +``` |
| 5 | +[ |
| 6 | + { |
| 7 | + "AllowedHeaders": [ |
| 8 | + "*" |
| 9 | + ], |
| 10 | + "AllowedMethods": [ |
| 11 | + "GET", |
| 12 | + "PUT", |
| 13 | + "POST", |
| 14 | + "DELETE", |
| 15 | + "HEAD" |
| 16 | + ], |
| 17 | + "AllowedOrigins": [ |
| 18 | + "*" |
| 19 | + ], |
| 20 | + "ExposeHeaders": [] |
| 21 | + } |
| 22 | +] |
| 23 | +``` |
| 24 | +3. In permissions, add the following bucket policy. Change "YOUR_BUCKET_NAME" to reflect name of the S3 bucket. |
| 25 | +``` |
| 26 | +{ |
| 27 | + "Version": "2008-10-17", |
| 28 | + "Id": "Policy1397632521960", |
| 29 | + "Statement": [ |
| 30 | + { |
| 31 | + "Sid": "Stmt1397633323327", |
| 32 | + "Effect": "Allow", |
| 33 | + "Principal": { |
| 34 | + "AWS": "*" |
| 35 | + }, |
| 36 | + "Action": "s3:GetObject", |
| 37 | + "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME_HERE/*" |
| 38 | + } |
| 39 | + ] |
| 40 | +} |
| 41 | +``` |
| 42 | +4. Uncheck "Block all public access" under "Block public access (bucket settings)". |
| 43 | +5. Under "Object Ownership", check "ACLs enabled" and set "Object Ownership" to "Object writer" |
| 44 | +6. Locate your AWS key and Secret Key. You can find this in the top AWS navigation under your name -> Security Credentials. |
| 45 | +7. Update the following lines to your .env file: |
| 46 | +``` |
| 47 | +AWS_ACCESS_KEY={AWS_ACCESS_KEY} |
| 48 | +AWS_REGION={S3_BUCKET_REGION} |
| 49 | +AWS_SECRET_KEY={AWS_SECRET_KEY} |
| 50 | +S3_BUCKET={S3_BUCKET_NAME} |
| 51 | +``` |
| 52 | + |
| 53 | +If your S3 bucket is in the US East (N Virginia) region (us-east-1), you'll |
| 54 | +need to set a custom URL base for it, because it does not follow the standard |
| 55 | +naming pattern as the rest of the regions. Instead, add the following to your |
| 56 | +environment/.env file, changing `BUCKET_NAME` to your bucket name. This is necessary because this override is currently treated as the full path to the bucket rather than as a proper base URL: |
| 57 | +`S3_BUCKET_URL_BASE=https://s3.amazonaws.com/{BUCKET_NAME}/` |
| 58 | + |
| 59 | +If you've configured your S3 bucket and DNS records to use a custom domain |
| 60 | +name, you can also set it using this variable. I.e.: |
| 61 | + |
| 62 | +`S3_BUCKET_URL_BASE=https://files.mydomain.com` |
| 63 | + |
| 64 | +For more information on using a custom domain, see this documentation link: |
| 65 | + |
| 66 | +http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingCustomURLs |
0 commit comments