uppy/examples/aws-nodejs/README.md
Prakash 50de6d1066
update aws-nodejs examples (#6187)
- removed old examples , entirely remove withCustomEndpoints.html as
every s3 operations are now handled by s3mini so no need of it.
- add new examples and update README.md
2026-06-17 13:54:47 +05:30

123 lines
3.4 KiB
Markdown

# Uppy + AWS S3 with Node.JS
A simple and fully working example of Uppy and AWS S3 storage with a Node.js
(Express.js) backend. It demonstrates two signing modes:
- **Client-side signing (STS)** — The server issues temporary credentials via
`GET /s3/sts`. The browser signs S3 requests locally using SigV4.
- **Server-side signing (presigned URLs)** — The browser sends each S3 operation
to `POST /s3/presign`. The server generates a presigned URL; the browser uses
it directly.
## AWS Configuration
It's assumed that you are familiar with AWS, at least, with the storage service
(S3) and users & policies (IAM).
These instructions are **not fit for production**, tightening the security is
out of the scope here.
### S3 Setup
Assuming you're trying to setup the user `MY-UPPY-USER` to put the uploaded
files to the bucket `MY-UPPY-BUCKET`, here's how you can allow `MY-UPPY-USER` to
get STS Federated Token and upload files to `MY-UPPY-BUCKET`:
1. Set CORS settings on `MY-UPPY-BUCKET` bucket:
```json
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "PUT", "HEAD", "POST", "DELETE"],
"AllowedOrigins": ["*"],
"ExposeHeaders": ["ETag", "Location"]
}
]
```
2. Add the following Policy to `MY-UPPY-BUCKET`:
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "MyMultipartPolicyStatement1",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::*:user/MY-UPPY-USER"
},
"Action": [
"s3:PutObject",
"s3:PutObjectAcl",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"
],
"Resource": "arn:aws:s3:::MY-UPPY-BUCKET/*"
}
]
}
```
3. Add the following Policy to `MY-UPPY-USER`: (required for client-side signing
via the STS endpoint)
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "MyStsPolicyStatement1",
"Effect": "Allow",
"Action": ["sts:GetFederationToken"],
"Resource": ["arn:aws:sts::*:federated-user/*"]
}
]
}
```
### AWS Credentials
You may use existing AWS credentials or create a new user in the IAM page.
- Make sure you setup the AWS credentials properly and write down the Access Key
ID and Secret Access Key.
- You may configure AWS S3 credentials using
[environment variables](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/loading-node-credentials-environment.html)
or a
[credentials file in `~/.aws/credentials`](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html).
## Prerequisites
Download this code or clone repository into a folder and install dependencies:
```sh
CYPRESS_INSTALL_BINARY=0 corepack yarn install
```
Add a `.env` file to the root directory and define the S3 bucket name and port
variables like the example below:
```
COMPANION_AWS_BUCKET=MY-UPPY-BUCKET
COMPANION_AWS_REGION=…
COMPANION_AWS_KEY=…
COMPANION_AWS_SECRET=…
PORT=8080
```
N.B.: This example uses `COMPANION_AWS_` environment variables to facilitate
integrations with other examples in this repository, but this example does _not_
use Companion at all.
## Enjoy it
Start the application:
```sh
corepack yarn workspace @uppy-example/aws-nodejs start
```
Dashboard demo should now be available at http://localhost:8080.
_Feel free to check how the demo works and feel free to open an issue._