Configure AWS S3 bucket for remote storage
The Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. The AWS S3 service uses buckets, or containers, for data storage. This configuration requires you to create a private bucket.
Magento highly discourages the use of public buckets because it poses a serious security risk.
To enable remote storage with the AWS S3 adapter:
-
Log in to your Amazon S3 dashboard and create a private bucket.
-
Set up AWS IAM roles. Alternatively, generate access and secret keys.
-
Configure Magento to use the private bucket. See Remote storage options for a full list of parameters.
1
bin/magento setup:config:set --remote-storage-driver="aws-s3" --remote-storage-bucket="<bucket-name>" --remote-storage-region="<region-name>" --remote-storage-prefix="<optional-prefix>" --remote-storage-key=<optional-access-key> --remote-storage-secret=<optional-secret-key> -n
Configure Nginx
Nginx requires an additional configuration to perform Authentication with the proxy_pass directive. Add the following proxy information to the nginx.conf file:
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
# Proxying to AWS S3 storage.
resolver 8.8.8.8;
set $bucket "<s3-bucket-name>";
proxy_pass https://s3.amazonaws.com/$bucket$uri;
proxy_pass_request_body off;
proxy_pass_request_headers off;
proxy_intercept_errors on;
proxy_hide_header "x-amz-id-2";
proxy_hide_header "x-amz-request-id";
proxy_hide_header "x-amz-storage-class";
proxy_hide_header "Set-Cookie";
proxy_ignore_headers "Set-Cookie";
}
Authentication
If you use access and secret keys instead of AWS IAM roles, you must include the ngx_aws_auth Nginx module.
Permissions
The S3 integration relies on being able to generate and store cached images on the local file system. Therefore, folder permissions for pub/media or similar, should be the same as if you were using local storage.