Configure your AWS S3 bucket

Custom S3 Bucket is a BEE Plugin application configuration feature that allows you to easily connect your own Amazon Web Services S3 bucket to your BEE Plugin application.

By leveraging this feature, you will be able to store and manage your customers’ assets without having to build a new File System Provider, but rather by providing a compliant folder structure and filling out a simple form.

  1. How are images stored?
  2. Shared assets
  3. S3 configuration
  4. Filling out the form to connect your AWS S3 bucket
  5. Testing your settings
  6. Moving from the default S3 bucket

How are images stored?

Our default file system provider uses two first level folders to manage assets:

  • Images folder – It defines where the user’s images will be stored.
  • Thumbnails folder – Is used by our API to store the thumbnails of the uploaded images.

These folders can be root folders or can be part of a more complex directory structure.

A few notes and recommendations:

  • These folders should not be parents/children between themselves.
  • Their name is restricted by AWS standard naming restrictions.
  • For performance reasons, you should use a dedicated bucket and place these folders in the root.
  • The S3 bucket must be publicly accessible.
  • The S3 bucket Access Control List (ACL) should ensure “List objects, Write objects, and Write bucket permissions” are disabled for the Everyone user.

Shared assets

As an additional configuration option, you can provide shared files to your users, something that we do in the free version of the BEE editor at beefree.io. These images are shown to all your customers as read-only assets.

The most common use case is providing sample images for the user’s first experience with the editor. Other use cases include providing application-specific images or documents that must not be deleted by the user.

To use this option you need to set-up two additional folders:

  • Shared images folder – This is the folder that your users will browse through the file manager.
  • Shared thumbnails folder – While the user images thumbnails are created when the images are uploaded, there is no automatic thumbnail creation for shared images. You must provide your own thumbnails using these settings:
    • 200px as max. width/height (this guarantee a correct preview in the file manager)
    • Name: original_image_name.ext_thumb.png (so the thumbnail for cat.jpg must be cat.jpg_thumb.png)
    • PNG: use only PNG as image format

S3 configuration

The key to using an S3 bucket is in the permissions and policy.

When you click on the “Policy Generator” follow these steps:

1.  set the type to “s3 bucket policy”

2.  set the effect to “Allow”

3.  Set the principal to “*”

4.  Set aws service to “Amazon S3”

5. Set Action to “GetObject”

6.  Set the ARN to “arn:aws:s3:::myBucketName/*”

Example



{"Id":"Policy1519234863822","Version":"2012-10-17","Statement":[{"Sid":"Stmt1519234859230","Action":["s3:GetObject"],"Effect":"Allow","Resource":"arn:aws:s3:::myBucketName\/*","Principal":{"AWS":["*"]}}]}


Filling out the form to connect your AWS S3 bucket

Once you have set up a compliant folder structure, you can use the form in the developer portal to connect your application. It’s one of the available server-side configurations for your BEE Plugin application (Application details > Open configuration > Storage options).

This is a description of the form fields and what information you will need to provide in each of them:

Parameter Description Required
Bucket name The name you assigned to the bucket when you created it. Yes
Access key & Access secret key You can provide AWS Root Account Credentials or IAM User Credentials (we recommend the second option for security reasons). The provided account must have read and write access to the given bucket. More about AWS credentials. Yes
Select Region AWS region where you created the bucket. Uses EU as the default setting. Yes
Images Path The relative path (from the bucket root) to the images folder described above (use “/” symbol as path delimiter). Yes
Thumbnails Path The relative path (from the bucket root) to the thumbnails folder described above (use “/” symbol as path delimiter). Yes
Shared images path The relative path (from the bucket root) to the shared images folder described above. Cannot be the bucket root (use “/” symbol as path delimiter). No
Shared thumbnails Path The relative path (from the bucket root) to the shared thumbnails folder described above. Cannot be the bucket root (use “/” symbol as path delimiter). No

Example using single folders in the bucket root:

Example using single nested folders:

Testing your settings

The button will become active once all required fields have been correctly filled out. It allows you to test your settings before saving the updated configuration. We recommend that you do so before saving any changes.

Moving from the default S3 bucket

If your BEE Plugin application is currently using the default S3 bucket, you wish to switch to your own bucket, and you have files that you want to transfer between the two, please contact us.