Amazon S3 Integration

Pagedip will store uploaded files in Amazon S3 and needs to be configured to access your S3 bucket. File uploads are an optional feature and this step can be skipped if you don't want Pagedip to store files.

Create an Amazon S3 Bucket

To begin, create an S3 bucket with any name. Then add the following bucket policy and replace my-pagedip-bucket with you bucket name.

{
  "Version": "2008-10-17",
  "Id": "Policy1369075868149",
  "Statement": [ {
    "Sid": "Stmt1369075862907",
    "Effect": "Allow",
    "Principal": { "AWS": "*" },
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::my-pagedip-bucket/*"
  } ]
}

This bucket will be accessed directly by browsers so a CORS policy is also needed.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <ExposeHeader>Access-Control-Allow-Origin</ExposeHeader>
    <AllowedHeader>*</AllowedHeader>
  </CORSRule>
</CORSConfiguration>

Obtain Amazon IAM Credentials

With the bucket configured, an access key and secret is needed for Pagedip to upload files into the bucket.

  1. Go to the AWS IAM console and create a new user.

  2. Give the user any name and programmatic access.

  3. Add one policy to the user: AmazonS3FullAccess

AWS will give you an access key and secret for the new user. Save these credentials along with the S3 bucket name for later.

Note: These permissions are very liberal for AWS. You can further restrict them to just the specific bucket as that is all Pagedip needs access too.

Configure Pagedip with Amazon IAM Credentials

Add the following configuration parameters to your Pagedip configuration file.

[api.aws]
accessKeyId = $AWS_ACCESS_KEY
secretAccessKey = $AWS_ACCESS_SECRET

[api.s3]
Bucket = $S3_BUCKET