Storing Files on Amazon S3
If you use containers for deployment, you should not store files within the container’s filesystem.
This integration allows you to delegate storing such files to Amazon’s S3 service.
Environment variables
Variable Name | Description |
---|---|
AWS_ACCESS_KEY_ID | Your AWS access key. |
AWS_DEFAULT_ACL | Access Control List for uploaded files. By default, none is assigned. |
AWS_MEDIA_BUCKET_NAME | The S3 bucket name to use for the media files. |
AWS_MEDIA_CUSTOM_DOMAIN | The custom domain to use for the media bucket. |
AWS_MEDIA_PRIVATE_BUCKET_NAME | The S3 bucket name to use for the private media. |
AWS_QUERYSTRING_AUTH | Enabling query parameter authentication from the generated URLs. |
AWS_QUERYSTRING_EXPIRE | The number of seconds which a generated URL is valid for. |
AWS_SECRET_ACCESS_KEY | Your AWS secret access key. |
AWS_STATIC_CUSTOM_DOMAIN | The custom domain to use for the static bucket. |
AWS_STORAGE_BUCKET_NAME | The S3 bucket name to use for the static files. |
Serving media files from an S3 bucket
"Media files" are the files uploaded through the dashboard. They include product images, category images, and non-image files. If you want to use S3 to store and serve media files, you need to configure at least the bucket name (see table above). A custom domain will allow you to use your CloudFront distribution or the public domain of your S3 bucket's static hosting. If you are experiencing problems accessing uploaded files, ensure that permissions are correctly configured (AWS_DEFAULT_ACL environment variable).
Serving static files from an S3 bucket
"Static files" are assets required for Saleor to operate. They include assets used in default email templates. If you also wish to use S3 for your static files, you need to configure at least the bucket name (see table above). A custom domain will allow you to use your CloudFront distribution or the public domain of your S3 bucket's static hosting.
Cross-Origin Resource Sharing
You need to configure your S3 bucket to allow cross-origin requests for some files to be properly served (SVG files, Javascript files, etc.) under the permissions tab. An example configuration that allows all hosts and headers is as below:
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "HEAD"],
"AllowedOrigins": ["*"],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]
Refer to the AWS CORS documentation for more details.
Storing private media files on S3 bucket
"Private media files" are files generated by Saleor backend e.g. webhook event delivery payloads. If you want to use S3 to store private media files, you need to configure the bucket name (see table above).
These files may contain sensitive information. Make sure that public access and static website hosting are disabled for this bucket.