# @strapi/provider-upload-aws-s3 ## Resources - [LICENSE](LICENSE) ## Links - [Strapi website](https://strapi.io/) - [Strapi documentation](https://docs.strapi.io) - [Strapi community on Discord](https://discord.strapi.io) - [Strapi news on Twitter](https://twitter.com/strapijs) ## Installation ```bash # using yarn yarn add @strapi/provider-upload-aws-s3 # using npm npm install @strapi/provider-upload-aws-s3 --save ``` ## Configuration - `provider` defines the name of the provider - `providerOptions` is passed down during the construction of the provider. (ex: `new AWS.S3(config)`). [Complete list of options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property) - `actionOptions` is passed directly to the parameters to each method respectively. You can find the complete list of [upload/ uploadStream options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#upload-property) and [delete options](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#deleteObject-property) See the [documentation about using a provider](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#using-a-provider) for information on installing and using a provider. To understand how environment variables are used in Strapi, please refer to the [documentation about environment variables](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#environment-variables). ### Provider Configuration `./config/plugins.js` ```js module.exports = ({ env }) => ({ // ... upload: { config: { provider: 'aws-s3', providerOptions: { accessKeyId: env('AWS_ACCESS_KEY_ID'), secretAccessKey: env('AWS_ACCESS_SECRET'), region: env('AWS_REGION'), params: { Bucket: env('AWS_BUCKET'), }, }, actionOptions: { upload: {}, uploadStream: {}, delete: {}, }, }, }, // ... }); ``` #### Configuration for S3 compatible services This plugin may work with S3 compatible services by using the `endpoint` option instead of `region`. Scaleway example: `./config/plugins.js` ```js module.exports = ({ env }) => ({ // ... upload: { config: { provider: 'aws-s3', providerOptions: { accessKeyId: env('SCALEWAY_ACCESS_KEY_ID'), secretAccessKey: env('SCALEWAY_ACCESS_SECRET'), endpoint: env('SCALEWAY_ENDPOINT'), // e.g. "s3.fr-par.scw.cloud" params: { Bucket: env('SCALEWAY_BUCKET'), }, }, }, }, // ... }); ``` ### Security Middleware Configuration Due to the default settings in the Strapi Security Middleware you will need to modify the `contentSecurityPolicy` settings to properly see thumbnail previews in the Media Library. You should replace `strapi::security` string with the object bellow instead as explained in the [middleware configuration](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.html#loading-order) documentation. `./config/middlewares.js` ```js module.exports = [ // ... { name: 'strapi::security', config: { contentSecurityPolicy: { useDefaults: true, directives: { 'connect-src': ["'self'", 'https:'], 'img-src': [ "'self'", 'data:', 'blob:', 'dl.airtable.com', 'yourBucketName.s3.yourRegion.amazonaws.com', ], 'media-src': [ "'self'", 'data:', 'blob:', 'dl.airtable.com', 'yourBucketName.s3.yourRegion.amazonaws.com', ], upgradeInsecureRequests: null, }, }, }, }, // ... ]; ``` If you use dots in your bucket name, the url of the ressource is in directory style (`s3.yourRegion.amazonaws.com/your.bucket.name/image.jpg`) instead of `yourBucketName.s3.yourRegion.amazonaws.com/image.jpg`. Then only add `s3.yourRegion.amazonaws.com` to img-src and media-src directives. ## Required AWS Policy Actions These are the minimum amount of permissions needed for this provider to work. ```json "Action": [ "s3:PutObject", "s3:GetObject", "s3:ListBucket", "s3:DeleteObject", "s3:PutObjectAcl" ], ```