To create custom AWS S3 storage, do the following:
1. Create an Amazon AWS account;
2. Create an IAM user with S3 bucket permissions;
3. Create an IAM policy;
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::bucketname"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"s3:PutAnalyticsConfiguration",
"s3:GetObjectVersionTagging",
"s3:CreateBucket",
"s3:ReplicateObject",
"s3:GetObjectAcl",
"s3:DeleteBucketWebsite",
"s3:PutLifecycleConfiguration",
"s3:GetObjectVersionAcl",
"s3:DeleteObject",
"s3:GetBucketWebsite",
"s3:PutReplicationConfiguration",
"s3:GetBucketNotification",
"s3:PutBucketCORS",
"s3:GetReplicationConfiguration",
"s3:ListMultipartUploadParts",
"s3:PutObject",
"s3:GetObject",
"s3:PutBucketNotification",
"s3:PutBucketLogging",
"s3:GetAnalyticsConfiguration",
"s3:GetObjectVersionForReplication",
"s3:GetLifecycleConfiguration",
"s3:ListBucketByTags",
"s3:GetInventoryConfiguration",
"s3:GetBucketTagging",
"s3:PutAccelerateConfiguration",
"s3:DeleteObjectVersion",
"s3:GetBucketLogging",
"s3:ListBucketVersions",
"s3:RestoreObject",
"s3:ListBucket",
"s3:GetAccelerateConfiguration",
"s3:GetBucketPolicy",
"s3:GetObjectVersionTorrent",
"s3:AbortMultipartUpload",
"s3:GetBucketRequestPayment",
"s3:GetObjectTagging",
"s3:GetMetricsConfiguration",
"s3:DeleteBucket",
"s3:PutBucketVersioning",
"s3:ListBucketMultipartUploads",
"s3:PutMetricsConfiguration",
"s3:GetBucketVersioning",
"s3:GetBucketAcl",
"s3:PutInventoryConfiguration",
"s3:GetObjectTorrent",
"s3:PutBucketWebsite",
"s3:PutBucketRequestPayment",
"s3:GetBucketCORS",
"s3:GetBucketLocation",
"s3:ReplicateDelete",
"s3:GetObjectVersion"
],
"Resource": "arn:aws:s3:::bucketname/*"
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "*"
}
]
}
Please be advised that you should replace the bucketname value with the name of your bucket created in your AWS account.
4. Assign created policy to IAM user;
5. Create an S3 bucket with the necessary custom name and in the necessary region;
Please, do not use a period (dot) in the bucket name.
Later in this guide, you will be asked to add the https protocol to the endpoint's link, because Stripo requires a secure URL for the image storage. If a bucket name has a period, the https protocol cannot be added to the link. It is explained by the way an SSL certificate is assigned to. Please, take a look at the article for details.
6. Choose Static website hosting and index document index.html;
7. Set Bucket permission policy;
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*"
}
]
Please be advised that you should replace the bucketname value with the name of your bucket created in your AWS account.
8. Deactivate Objects from the bucket permissions;
9. Add settings to web server, e.g., nginx;
location /content {
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass https://s3-eu-west-1.amazonaws.com/bucketname;
proxy_redirect off;
}
10. Enter 'YOUR_DOMAIN_ADDRESS/content" as "Base Download URL" when configuring the Plugin settings.
As advised earlier, the https protocol must be added to the link. It will look like this:
https :// bucketname .s3.amazonaws.com/content
Thank you for taking the time to read our articles. We hope you will find this information helpful.
If you have any additional questions, please email us at support@stripo.email.
We would be glad to talk with you.