summaryrefslogtreecommitdiff
path: root/docs/guides/s3-image-upload.md
blob: 740dec53b451f96a91953d527fcc97832aa6f1c4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# Guide - Setup HedgeDoc S3 image upload

**Note:** *This guide was written before the renaming. Just replace `HackMD` with `HedgeDoc` in your mind :smile: thanks!*

1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket.
   ![create-bucket](../images/s3-image-upload/create-bucket.png)

2. Click on bucket, select **Properties**  on the side panel, and find **Permission** section. Click **Edit bucket policy**.
   ![bucket-property](../images/s3-image-upload/bucket-property.png)

3. Enter the following policy, replace `bucket_name` with your bucket name:
   ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png)

    ```json
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": "s3:GetObject",
                "Resource": "arn:aws:s3:::bucket_name/uploads/*"
            }
        ]
    }
    ```

4. Go to IAM console and create a new IAM user. Remember your user credentials(`key`/`access token`)

5. Enter user page, select **Permission** tab, look at **Inline Policies** section, and click **Create User Policy**
   ![iam-user](../images/s3-image-upload/iam-user.png)

6. Select **Custom Policy**
   ![custom-policy](../images/s3-image-upload/custom-policy.png)

7. Enter the following policy, replace `bucket_name` with your bucket name:
   ![review-policy](../images/s3-image-upload/review-policy.png)

    ```json
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:*"
                ],
                "Resource": [
                    "arn:aws:s3:::bucket_name/uploads/*"
                ]
            }
        ]
    }
    ```

8. Edit `config.json` and set following keys:

   ```javascript
   {
     "production": {
       ...
       "imageuploadtype": "s3",
       "s3": {
         "accessKeyId": "YOUR_S3_ACCESS_KEY_ID",
         "secretAccessKey": "YOUR_S3_ACCESS_KEY",
         "region": "YOUR_S3_REGION" // example: ap-northeast-1
       },
       "s3bucket": "YOUR_S3_BUCKET_NAME"
     }
   }
   ```

9. In additional to edit `config.json` directly, you could also try [environment variables](../configuration-env-vars.md).

## Related Tools

- [AWS Policy Generator](http://awspolicygen.s3.amazonaws.com/policygen.html)