name | slug | description | framework | deployUrl |
---|---|---|---|---|
AWS S3 Image Upload |
aws-s3-image-upload |
Learn to use AWS S3 to upload images to your bucket. |
Next.js |
This is an example of a Next.js application allowing you to upload photos to an S3 bucket.
Option 1: Use an existing S3 bucket.
Retrieve your existing access key, secret key, S3 bucket region and name. Provide those values after clicking "Deploy" to automatically set the environment variables.
Option 2: Create an S3 bucket.
Execute create-next-app
with pnpm to bootstrap the example:
pnpm create next-app --example https://github.com/vercel/examples/tree/main/solutions/aws-s3-image-upload
- Create a new S3 Bucket.
- In Object Ownership, select "ACLs enabled" and "Bucket owner prefered"
- In Block Public Access settings for this bucket, uncheck "Block all public access".
- Create a new IAM User.
- Select "Attach policies directly".
- Add
s3:DeleteObject
,s3:GetObject
,s3:ListBucket
,s3:PutObject
,s3:PutObjectAcl
- Save the access key and secret key for the IAM User.
- Select the newly created user (IAM > Users > "your-user") and navigate to "Security Credentials".
- Under "Access Keys", create a key and save this information. We will use this in the next step.
- Create an
.env.local
file similar to.env.example
.- In your
env.local
file, use the information from your access key, along with the region and bucket name. - Do not adjust the naming of the keys, only input your values. This is to ensure S3 Client can read them as defaults.
- In your
- Configure CORS to enable uploads from your browser.
- Navigate to your bucket, and go to the "Permissions" tab.
- Scroll down to find "Cross-origin resource sharing (CORS)" and click "Edit" on the right side.
- Paste the following code below.
[ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "GET", "PUT", "POST", "DELETE" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [] } ]
- Run
pnpm dev
ornpm run dev
to start the Next.js app at http://localhost:3000. - Choose a
.png
or.jpg
file. - You should see your file successfully uploaded to S3.
This example uses createPresignedPost
instead of getSignedUrlPromise
to allow setting max/min file sizes with content-length-range
.
Deploy it to the cloud with Vercel (Documentation).
AWS credentials (e.g. AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
) and region configuration (e.g. AWS_REGION
) can now be used directly as environment variables for Vercel deployments.
These variables are the default names expected by the AWS SDK, which means the user no longer has to configure credentials when using it. For example, this code is no longer necessary:
const s3 = new S3Client({
accessKeyId: process.env.ACCESS_KEY,
secretAccessKey: process.env.SECRET_ACCESS_KEY,
region: process.env.REGION,
})
Instead, it can be replaced with this:
const client = new S3Client({ region: process.env.AWS_REGION });
Source: AWS Environment Variable Default “Load Credential”
The SDK will pick up the credentials from the environment automatically.
pnpm dev
ornpm run dev
– Starts the Next.js app atlocalhost:3000
.
- AWS Environment Variables: https://docs.aws.amazon.com/sdkref/latest/guide/settings-reference.html
- AWS Environment Variable Default “Load Credential”: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
- How to use PresignedPost URLs (this example includes adding user id as metadata): https://advancedweb.hu/how-to-use-s3-post-signed-urls/
- AWS SDK v3 - S3Client Initalization (see Usage): https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-s3/index.html
- AWS SDK - Generate a Presigned Post: https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/modules/_aws_sdk_s3_presigned_post.html#generate-a-presigned-post
- AWS S3 POST Policy - Condition Matching (only allow images): https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html
- AWS ACL Permissions: https://stackoverflow.com/a/70550540/19416953