## Setting up AWS
Set the following environment variables:
-
s3_bucket- e.g.senoia-dev -
s3_region- e.g.us-west-1
Set the following in secrets.yml:
-
aws_access_key_id -
aws_secret_access_key
The AWS user needs to be able to write to the S3 bucket as well as the ability to list all buckets. Here’s an example policy:
“‘json {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::senoia-dev",
"arn:aws:s3:::senoia-dev/*"
]
}
]
} “‘
In the AWS bucket, set the CORS configuration to the following:
(Bucket Properties -> Permissions -> Edit CORS Configuration)
“‘xml <?xml version=“1.0” encoding=“UTF-8”?> <CORSConfiguration xmlns=“s3.amazonaws.com/doc/2006-03-01/”>
<CORSRule>
<AllowedOrigin>https://senoia-dev.herokuapp.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration> ““
The direct upload will fail on a newly-created bucket until the DNS records propagate.