AWS S3 Integration

Amazon S3 (Simple Storage Service) is a scalable object storage service that provides secure, durable, and highly available storage for any amount of data.

Environment Variables

Required Server Variables

AWS_REGION=us-east-1 # Your AWS region
AWS_ACCESS_KEY_ID=AKIA... # Your AWS access key ID
AWS_SECRET_ACCESS_KEY=your_secret_key_here # Your AWS secret access key
AWS_BUCKET_NAME=your-bucket-name # Your S3 bucket name

Setup Instructions

  1. Create an AWS Account: Sign up at aws.amazon.com if you haven't already

  2. Create an S3 Bucket:

    • Go to the AWS S3 Console
    • Create a new bucket
    • Configure bucket settings (region, permissions, etc.)

  3. Create IAM User:

    • Go to IAM Console
    • Create a new IAM user with programmatic access
    • Attach the AmazonS3FullAccess policy (or create custom policy)

  4. Get Your Access Keys:

    • In IAM, go to "Users" and select your user
    • Go to "Security credentials" tab
    • Create access keys and copy the Access Key ID and Secret Access Key

  5. Add Environment Variables:

    AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
AWS_BUCKET_NAME=my-app-bucket

Features Enabled

When these environment variables are configured, the following features become available:

  • ✅ File upload and storage
  • ✅ Image optimization and resizing
  • ✅ CDN integration capabilities
  • ✅ Static asset hosting
  • ✅ Backup and disaster recovery
  • ✅ Version control for files
  • ✅ Access control and permissions
  • ✅ Cost-effective storage scaling

Configuration Options

Advanced Configuration

You can customize AWS S3 behavior:

# Custom endpoint (for S3-compatible services)
AWS_ENDPOINT=https://s3.amazonaws.com

# CloudFront distribution (for CDN)
AWS_CLOUDFRONT_DISTRIBUTION_ID=E1A2B3C4D5E6F7

# Upload configuration
AWS_UPLOAD_MAX_SIZE=10MB
AWS_UPLOAD_ALLOWED_TYPES=image/*,application/pdf

# Security configuration
AWS_S3_SIGNATURE_VERSION=v4
AWS_S3_ACL=private

Security Best Practices

AWS S3 security considerations:

  • Use IAM roles instead of access keys when possible
  • Enable bucket versioning for data protection
  • Configure proper bucket policies
  • Use signed URLs for private content
  • Enable server-side encryption
  • Set up proper CORS configuration

Testing

AWS S3 provides testing capabilities:

  • Use test buckets for development
  • Test file upload and download operations
  • Verify access permissions
  • Test CDN integration
  • Monitor storage costs and usage

Production Deployment

Before going live:

  1. Ensure proper IAM permissions (principle of least privilege)
  2. Configure bucket policies and CORS
  3. Set up proper backup and replication
  4. Configure monitoring and alerts
  5. Review security settings
  6. Set up cost monitoring and budgets
  7. Configure proper error handling