OVERVIEW:

An Amazon S3 bucket is a container for objects. An object is a file and any metadata that describes that file. To store an object in Amazon S3, you create a bucket and then upload the object to the bucket. When the object is in the bucket, you can open, download and move it. When you no longer need an object or a bucket, you can clean up your resources.

 

Prerequisite: Setting up Amazon S3:

Make sure the following prerequisites are in place before you continue.

  • An AWS account with access to the AWS Management Console.

  • An IAM user with the relevant access. You can use the root account as well, but it has the highest permissions, so avoid using the root user in a production environment.

  • Creating your first S3 Bucket.

Sign up for AWS:

Follow the steps below to create an AWS account.

  1. Open https://portal.aws.amazon.com/billing/signup#/start

  2. Follow the online instructions.
    Part of the sign-up procedure involves receiving a phone call and entering a verification code on the phone keypad.

AWS sends you a confirmation email after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to https://aws.amazon.com/ and choosing My Account.

Create an IAM user:

  1. Log in to the AWS Management Console.

  2. From the home dashboard, choose Identity & Access Management (IAM): https://console.aws.amazon.com/iamv2/home#/users

  3. In the navigation panel, choose Users and then choose Add user.

  4. For User name, enter “your_s3-admin_username” and select the Access key - Programmatic access check box below it.

  5. Create a group for the user and assign the policy to it:

    1. Choose Next: Permissions.

    2. Under Set permissions, choose Add user to group.

    3. Choose Create group.

    4. In the Create group dialog box, for Group name enter your group name for that user. Example: “s3-admin-group”.

    5. Choose Filter policies, and then type S3 to filter the table contents.

    6. In the policy list, select the check box for AWS S3 Full Access. Then choose Create group.

  6. Choose Next: Tags.

  7. Choose Next: Review to see the list of group memberships to be added to the new user. When you are ready to proceed, choose Create user.

  8. After the user is created, the next important step is to download the CSV file containing the access key and secret key used for programmatic access to the S3 bucket.
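The group created above carries a full-access policy; the comparison below shows what that grants next to a policy scoped to a single bucket. This is an added example, not part of the original page: the evaluator is a simplified model (Allow statements only), FULL_ACCESS is a simplified stand-in for a full-access grant, and the bucket name example-bucket is a constructed placeholder.

```python
from fnmatch import fnmatchcase

BUCKET = "example-bucket"  # constructed placeholder bucket name

# Simplified stand-in for a full-access grant: every S3 action on every resource.
FULL_ACCESS = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]}


def bucket_scoped_policy(bucket):
    """Build a policy that allows listing one bucket and managing its objects."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:ListBucket"],
         "Resource": [f"arn:aws:s3:::{bucket}"]},
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
         "Resource": [f"arn:aws:s3:::{bucket}/*"]},
    ]}


def _as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def allows(policy, action, resource):
    """True if any Allow statement covers the action and the resource ARN.

    Simplified: no Deny statements, conditions or NotAction/NotResource.
    """
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        # Action names are case-insensitive; resource ARNs are matched as written.
        action_ok = any(fnmatchcase(action.lower(), a.lower())
                        for a in _as_list(stmt["Action"]))
        resource_ok = any(fnmatchcase(resource, r)
                          for r in _as_list(stmt["Resource"]))
        if action_ok and resource_ok:
            return True
    return False
```

The dictionary returned by bucket_scoped_policy can be serialized with json.dumps and attached to the group as a custom policy in place of the full-access one.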

Creating your first S3 Bucket:

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Choose Create bucket. The Create bucket wizard opens.

  3. In Bucket name, enter a DNS-compliant name for your bucket.
    The bucket name must:

    • Be unique across all of Amazon S3.

    • Be between 3 and 63 characters long.

    • Not have uppercase characters.

    • Start with a lowercase letter or number.

    After you create the bucket, you cannot change its name. For information about naming buckets, see Bucket naming rules.

  4. In Region, choose the AWS Region where you want the bucket to reside. Choose a Region close to you to minimize latency and costs and address regulatory requirements. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region.

  5. Under Object Ownership, to disable or enable ACLs and control ownership of objects uploaded in your bucket, choose one of the following settings:

    ACLs disabled (by default)

    • Bucket owner enforced – ACLs are disabled, and the bucket owner automatically owns and has full control over every object in the bucket. ACLs no longer affect permissions to data in the S3 bucket. The bucket uses policies to define access control.
      To require that all new buckets are created with ACLs disabled by using IAM or AWS Organizations policies, see Disabling ACLs for all new buckets (bucket owner enforced).

    ACLs enabled

    • Bucket owner preferred – The bucket owner owns and has full control over new objects that other accounts write to the bucket with the bucket-owner-full-control canned ACL.
      If you apply the bucket owner preferred setting, to require all Amazon S3 uploads to include the bucket-owner-full-control canned ACL, you can add a bucket policy that only allows object uploads that use this ACL.

    • Object writer – The AWS account that uploads an object owns the object, has full control over it, and can grant other users access to it through ACLs.

  6. In Bucket settings for Block Public Access, choose the Block Public Access settings that you want to apply to the bucket. We recommend that you keep all settings enabled unless you know that you need to turn off one or more of them for your use case, such as to host a public website. Block Public Access settings that you enable for the bucket are also enabled for all access points that you create on the bucket.

  7. Click “Create bucket” and the bucket will be created.

  8. Set up CORS.

CORS stands for Cross-origin resource sharing. As the name says, it allows you to request a cross-origin resource. In simple terms, it allows you to request a resource such as an image or CSS from another domain.

How to enable CORS on your Amazon S3 buckets?

To enable CORS on your Amazon S3 bucket, follow the steps below:

  1. Select your desired S3 bucket.

  2. In the right-hand panel, click Permissions.

  3. Click Edit CORS Configuration.

  4. In the pop-up dialog, paste the following text:

    [
        {
            "AllowedHeaders": [
                "*"
            ],
            "AllowedMethods": [
                "GET",
                "HEAD"
            ],
            "AllowedOrigins": [
                "*"
            ],
            "ExposeHeaders": []
        }
    ]

  5. Click Save.
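What the pasted configuration permits can be checked with a small model of the documented S3 rule matching, in which the first rule whose origin, method and requested headers all match is used. This is an added example, not code from the original page and not Amazon S3's implementation; RESTRICTED_CORS and its origin https://www.example.com are constructed for comparison.

```python
import re

# CORS configuration exactly as pasted in the steps above.
PAGE_CORS = [{
    "AllowedHeaders": ["*"],
    "AllowedMethods": ["GET", "HEAD"],
    "AllowedOrigins": ["*"],
    "ExposeHeaders": [],
}]

# Constructed alternative: same methods, one named origin (assumed site URL).
RESTRICTED_CORS = [{
    "AllowedHeaders": ["*"],
    "AllowedMethods": ["GET", "HEAD"],
    "AllowedOrigins": ["https://www.example.com"],
    "ExposeHeaders": [],
}]


def _matches(pattern, value, ignore_case=False):
    """Match a value against an entry in which '*' stands for any run of characters."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    flags = re.IGNORECASE if ignore_case else 0
    return re.fullmatch(regex, value, flags) is not None


def matching_rule(cors_rules, origin, method, request_headers=()):
    """Return the first rule that allows the request, or None if no rule matches."""
    for rule in cors_rules:
        origin_ok = any(_matches(p, origin) for p in rule["AllowedOrigins"])
        method_ok = method in rule["AllowedMethods"]
        # Every header named in the preflight must match some AllowedHeaders entry.
        headers_ok = all(
            any(_matches(p, h, ignore_case=True)
                for p in rule.get("AllowedHeaders", []))
            for h in request_headers
        )
        if origin_ok and method_ok and headers_ok:
            return rule
    return None


def wildcard_origin_rules(cors_rules):
    """Return the indexes of rules that accept every origin."""
    return [i for i, rule in enumerate(cors_rules) if "*" in rule["AllowedOrigins"]]
```

With PAGE_CORS, a GET from any origin matches the rule, while PUT never does; with RESTRICTED_CORS, only requests whose Origin header is the named site match.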