Will & Skill Developers

Will & Skill Developers


Thoughts, snippets and ideas from the team at Will & Skill AB, Stockholm.

Faisal M
Author

“The mind is not a vessel to be filled, but a fire to be kindled.” ― Plutarch

Share


Tags


avrt

How to add a new S3 bucket on AWS properly in 5 minutes

Faisal MFaisal M

A lot of people have asked me how to hook up an S3 bucket. So here is a quick and simple write up on how to do it properly.

Amazon S3 is a great resource for handling and serving your site’s media files. You can serve everything from images, documents, css, javascript and more. It is basically a file system in the cloud!

Overview

  1. Create IAM user
  2. Create S3 bucket
  3. Give IAM user access to S3 bucket
  4. Setup CORS settings

1. Create IAM user

  • Enter the name You want for this new user and select Programmatic Access under Select AWS access type and then click the Next button. The name of my user will be johndoe

  • In Set permissions for johndoe just click Next: Review

  • In Review just click Create User

  • Your user has now been created. Make sure You click Download .csv and store the account credentials in a safe place!

2. Create S3 bucket

  • Click on the Create bucket button outlined in red below. Select an appropriate name and region!

  • In Step 2 - Set properties click Next

  • In Step 3 - Set permissions just click Next

  • In Step 4 - Review, just click the Create bucket button

3. Give IAM user access to S3 bucket

  • Add access settings for Your IAM user and Your bucket. Copy the snippet below and make the changes necessary for Your setup.

The snippet below means that EVERYONE can READ all files but only johndoe can WRITE to the bucket!

{
	"Version": "2008-10-17",
	"Statement": [
		{
			"Sid": "AllowPublicRead",
			"Effect": "Allow",
			"Principal": {
				"AWS": "*"
			},
			"Action": "s3:GetObject",
			"Resource": "arn:aws:s3:::bananabuck/*"
		},
		{
			"Sid": "Stmt1376258746819",
			"Effect": "Allow",
			"Principal": {
				"AWS": "arn:aws:iam::12345678901234:user/johndoe"
			},
			"Action": "s3:*",
			"Resource": [
				"arn:aws:s3:::bananabuck/*",
				"arn:aws:s3:::bananabuck"
			]
		}
	]
}

  • Add CORS settings. Copy the snippet below and make the changes necessary for Your setup.

NOTE: You must press Save in order for the changes to take place!

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        
        <AllowedOrigin>https://*.yourdomain.no</AllowedOrigin>
        <AllowedOrigin>https://*.yourdomain.se</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
        <AllowedHeader>Host</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

You have now successfully setup a new bucket with write permissions for johndoe!

Faisal M
Author

Faisal M

“The mind is not a vessel to be filled, but a fire to be kindled.” ― Plutarch

View Comments