Skip to main content

Storing Files on Amazon S3

If you use containers for deployment, you should not store files within the container’s filesystem.

This integration allows you to delegate storing such files to Amazon’s S3 service.

Environment variables

Variable NameDescription
AWS_ACCESS_KEY_IDYour AWS access key.
AWS_DEFAULT_ACLAccess Control List for uploaded files. By default, none is assigned.
AWS_MEDIA_BUCKET_NAMEThe S3 bucket name to use for the media files.
AWS_MEDIA_CUSTOM_DOMAINThe custom domain to use for the media bucket.
AWS_MEDIA_PRIVATE_BUCKET_NAMEThe S3 bucket name to use for the private media.
AWS_QUERYSTRING_AUTHEnabling query parameter authentication from the generated URLs.
AWS_QUERYSTRING_EXPIREThe number of seconds which a generated URL is valid for.
AWS_SECRET_ACCESS_KEYYour AWS secret access key.
AWS_STATIC_CUSTOM_DOMAINThe custom domain to use for the static bucket.
AWS_STORAGE_BUCKET_NAMEThe S3 bucket name to use for the static files.

Serving media files from an S3 bucket

"Media files" are the files uploaded through the dashboard. They include product images, category images, and non-image files. If you want to use S3 to store and serve media files, you need to configure at least the bucket name (see table above). A custom domain will allow you to use your CloudFront distribution or the public domain of your S3 bucket's static hosting. If you are experiencing problems accessing uploaded files, ensure that permissions are correctly configured (AWS_DEFAULT_ACL environment variable).

Serving static files from an S3 bucket

"Static files" are assets required for Saleor to operate. They include assets used in default email templates. If you also wish to use S3 for your static files, you need to configure at least the bucket name (see table above). A custom domain will allow you to use your CloudFront distribution or the public domain of your S3 bucket's static hosting.

Cross-Origin Resource Sharing

You need to configure your S3 bucket to allow cross-origin requests for some files to be properly served (SVG files, Javascript files, etc.) under the permissions tab. An example configuration that allows all hosts and headers is as below:

[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "HEAD"],
"AllowedOrigins": ["*"],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]

Refer to the AWS CORS documentation for more details.

Storing private media files on S3 bucket

"Private media files" are files generated by Saleor backend e.g. webhook event delivery payloads. If you want to use S3 to store private media files, you need to configure the bucket name (see table above).

caution

These files may contain sensitive information. Make sure that public access and static website hosting are disabled for this bucket.