Table of Contents
This document help you to configure Amazon S3 and link it with the product addon file upload settings. For this, you need to follow 4 steps.
To create an IAM User you will need to first log in to your pre-existing AWS account from here.
If you do not have an AWS account you can simply register a new one from here
After logging in to your AWS account you will need to set up a new IAM user.
For this, you will need to maneuver your way to the IAM Users page in the AWS console and click the ADD USER button.
You can set your preferred authentic name in the User Name field.
Names are case insensitive and must be unique within your AWS account. User names can be a combination of up to 64 letters, digits, and these characters: plus (+), equal (=), comma (,), period (.), at-sign (@), and hyphen (-).
Select the checkbox for programmatic access under access type then proceed with the next: permissions button.
Specific permissions need to be granted to allow new users to manage buckets and objects in the S3 service.
Giving full access to S3 for the new user is the preferred way moving forward. The “AmazonS3FullAccess” policy is designed to help new users to avoid and limit running into potential problems. Users who have been using AWS previously may choose to create their own Custom IAM Policy. A user can always go back and edit their IAM user policy so that only essential resources are made required.
Click the “Attach existing policies directly” button, and then enter “s3” in the filter policies input box.
Before clicking the Next:Tags button at the bottom of the page you need to select the “AmazonS3FullAccess” policy.
The third page is to add tags, adding tags is completely optional as it is mostly used by experienced AWS users to help with management tasks. After deciding upon tags you can click the Next:Review button at the bottom of the page to move to the next page.
If you’re happy with the selections you can click on the Create User button.
The next page will display the security credentials for the new user, which consist of an Access Key ID and a Secret Access Key. Amazon will only show these credentials once so it is advised to download these credentials as a .csv file and keep them safe as you can only create a new set of keys from the console but cannot recover the secret key again
Clicking the close button will take you back to the IAM Users page.
You need to set up an Amazon S3 Bucket to store the media.
For this, you will need to maneuver your way to the Amazon S3 page in the AWS console and click the Create Bucket button.
You can enter your bucket name in the field Bucket Name, And choose a region for the bucket to be hosted from the field AWS Region in section General Configuration.
In the next step, you can choose the object ownership type,
You can choose ACLs disabled when all objects in this bucket are owned by this account. Access to this bucket and its objects is specified using only policies.
Otherwise, you can choose ACLs enabled when Objects in this bucket can be owned by other AWS accounts. Access to this bucket and its objects can be specified using ACLs.
In the next step, you can set the public access settings,
Uncheck all the checkboxes and enable public access to the bucket.
Rest of the settings you can keep the default settings, And click on to Create Bucket Button.
Then, Your bucket will be created in the specified region.
If you got any permission issues you can mention the bucket policies by adding a policy in JSON format.
You can use the below policy for the same.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::6580xxxx007:user/demo" // replace this AIM usr arn
},
"Action": [
"s3:ListBucket",
"s3:DeleteObjectVersionTagging",
"s3:GetObjectAcl",
"s3:GetObject",
"s3:AbortMultipartUpload",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>/*",
"arn:aws:s3:::<BUCKET_NAME>"
]
},
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:PutObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>/*",
"arn:aws:s3:::<BUCKET_NAME>"
]
}
]
}
Replace <BUCKET_NAME> with your bucket name.
Also, You need to modify the CORS policy.
Scroll down to bottom from permissions tab, and see the CORS policy section.
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"POST",
"PUT"
],
"AllowedOrigins": [
"<SITE_URL>" // change it with your site url, eg https://acowebs.com , also you can use “*” if you wont need to restrict
],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
},
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]
Replace <SITE_URL>with your site url, eg. https://acowebs.com , also you can use “*” if you wont need to restrict per any site.
Now you will have the access key, secret key, bucket name, region and directory inside your amazon s3 account. You can add these data inside the custom product addon file upload settings and configure s3 as below.
Here, Region will be available on your s3 account as below. You can add it here.
If you have questions about our plugin(s), are experiencing issues with any of our plugin