Will & Skill Developers

Will & Skill Developers


Thoughts, snippets and ideas from the team at Will & Skill AB, Stockholm.

Faisal Mahmud
Author

“The mind is not a vessel to be filled, but a fire to be kindled.” ― Plutarch

Share


How to add a new S3 bucket on AWS properly in 5 minutes

Faisal MahmudFaisal Mahmud

A lot of people have asked me how to hook up an S3 bucket. So here is a quick and simple write up on how to do it properly.

Amazon S3 is a great resource for handling and serving your site’s media files. You can serve everything from images, documents, css, javascript and more. It is basically a file system in the cloud!

Overview

  1. Create IAM user
  2. Create S3 bucket
  3. Give IAM user access to S3 bucket
  4. Setup CORS settings

1. Create IAM user

2. Create S3 bucket

3. Give IAM user access to S3 bucket

The snippet below means that EVERYONE can READ all files but only johndoe can WRITE to the bucket!

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::bananabuck/*"
        },
        {
            "Sid": "Stmt1376258746819",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::12345678901234:user/johndoe"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bananabuck/*",
                "arn:aws:s3:::bananabuck"
            ]
        }
    ]
}

NOTE: You must press Save in order for the changes to take place!

<?xml version="1.0" encoding="UTF-8"?>  
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">  
    <CORSRule>

        <AllowedOrigin>https://*.yourdomain.no</AllowedOrigin>
        <AllowedOrigin>https://*.yourdomain.se</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
        <AllowedHeader>Host</AllowedHeader>
    </CORSRule>
</CORSConfiguration>  

You have now successfully setup a new bucket with write permissions for johndoe!

Faisal Mahmud
Author

Faisal Mahmud

“The mind is not a vessel to be filled, but a fire to be kindled.” ― Plutarch

Comments