# AWS S3

This is required to be able to save files uploaded by new hires or yourself.

  1. Go to https://s3.console.aws.amazon.com/s3/home and click on 'Create bucket'.
  2. Give it a fancy name and click on 'Next'.
  3. Keep everything at the default (or change it to your liking) and click on 'Next'.
  4. Keep everything at the default and click on 'Next'.
  5. Click on your newly created bucket.
  6. In the bucket, go to 'Permissions' and then to 'CORS'.
  7. Add this CORS configuration there (change YOURDOMAIN):
[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "POST",
            "DELETE",
            "GET"
        ],
        "AllowedOrigins": [
            "https://YOURDOMAIN"
        ],
        "ExposeHeaders": []
    }
]

The bucket is now created. Up next, we need to create a user to be able to post and get from this bucket.

  1. Go to https://console.aws.amazon.com/iam/home#/users.
  2. Click on 'Add user'.
  3. Give it a fancy user name and select 'Programmatic access', so we get the keys we need to enter in ChiefOnboarding. Click on 'Next'.
  4. Go to 'Attach existing policies directly' and click then 'Create policy'.
  5. For 'Service' pick 'S3'.
  6. For 'Actions' pick 'GetObject', 'DeleteObject' and 'PutObject'.
  7. Under 'Resources', enter the correct bucket name and for the 'Object name' select 'Any'.
  8. Click on 'Add'.
  9. Click on 'Review policy'.
  10. Give it a fancy name and click on 'Create policy'.
  11. Go back to the set up screen of your IAM user and click on the refresh button to refresh policies.
  12. Add your newly created policy to the user and click on 'Next'.
  13. Click on 'Next' again. Twice.
  14. You will now get to see the Access key ID and the Secret access key. Add those to your environment variables or .env file.

Example variables:

AWS_S3_ENDPOINT_URL=https://s3.eu-west-1.amazonaws.com
AWS_ACCESS_KEY_ID=AKIAXXXXXXXX
AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXX
AWS_STORAGE_BUCKET_NAME=bucket-name
AWS_REGION=eu-west-1