hedgedoc/docs/guides/s3-image-upload.md

Guide - Setup CodiMD S3 image upload
===

**Note:** *This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!*

1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket.

    ![create-bucket](../images/s3-image-upload/create-bucket.png)

2. Click on bucket, select **Properties**  on the side panel, and find **Permission** section. Click **Edit bucket policy**.

    ![bucket-property](../images/s3-image-upload/bucket-property.png)

3. Enter the following policy, replace `bucket_name` with your bucket name:

    ![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png)

    ```json
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": "s3:GetObject",
                "Resource": "arn:aws:s3:::bucket_name/uploads/*"
            }
        ]
    }
    ```

4. Go to IAM console and create a new IAM user. Remember your user credentials(`key`/`access token`)

5. Enter user page, select **Permission** tab, look at **Inline Policies** section, and click **Create User Policy**

    ![iam-user](../images/s3-image-upload/iam-user.png)

6. Select **Custom Policy**

    ![custom-policy](../images/s3-image-upload/custom-policy.png)

7. Enter the following policy, replace `bucket_name` with your bucket name:

    ![review-policy](../images/s3-image-upload/review-policy.png)

    ```json
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:*"
                ],
                "Resource": [
                    "arn:aws:s3:::bucket_name/uploads/*"
                ]
            }
        ]
    }
    ```

8. Edit `config.json` and set following keys:

    ```javascript
    {
        "production": {
            ...
            "imageuploadtype": "s3",
            "s3": {
                "accessKeyId": "YOUR_S3_ACCESS_KEY_ID",
                "secretAccessKey": "YOUR_S3_ACCESS_KEY",
                "region": "YOUR_S3_REGION" // example: ap-northeast-1
            },
            "s3bucket": "YOUR_S3_BUCKET_NAME"
        }
    }
    ```

9. In additional to edit `config.json` directly, you could also try [environment variables](../configuration-env-vars.md).

## Related Tools

* [AWS Policy Generator](http://awspolicygen.s3.amazonaws.com/policygen.html)
Import meta-files These files are imported from HedgeDoc 1 / the master branch. Signed-off-by: David Mehren <git@herrmehren.de> 2022-01-23 21:02:58 +00:00			`Guide - Setup CodiMD S3 image upload`
			`===`

			Note: This guide was written before the renaming. Just replace `HackMD` with `CodiMD` in your mind :smile: thanks!

			`1. Go to [AWS S3 console](https://console.aws.amazon.com/s3/home) and create a new bucket.`

			`![create-bucket](../images/s3-image-upload/create-bucket.png)`

			`2. Click on bucket, select Properties on the side panel, and find Permission section. Click Edit bucket policy.`

			`![bucket-property](../images/s3-image-upload/bucket-property.png)`

			3. Enter the following policy, replace `bucket_name` with your bucket name:

			`![bucket-policy-editor](../images/s3-image-upload/bucket-policy-editor.png)`

			```json
			`{`
			`"Version": "2012-10-17",`
			`"Statement": [`
			`{`
			`"Effect": "Allow",`
			`"Principal": "*",`
			`"Action": "s3:GetObject",`
			`"Resource": "arn:aws:s3:::bucket_name/uploads/*"`
			`}`
			`]`
			`}`
			```

			4. Go to IAM console and create a new IAM user. Remember your user credentials(`key`/`access token`)

			`5. Enter user page, select Permission tab, look at Inline Policies section, and click Create User Policy`

			`![iam-user](../images/s3-image-upload/iam-user.png)`

			`6. Select Custom Policy`

			`![custom-policy](../images/s3-image-upload/custom-policy.png)`

			7. Enter the following policy, replace `bucket_name` with your bucket name:

			`![review-policy](../images/s3-image-upload/review-policy.png)`

			```json
			`{`
			`"Version": "2012-10-17",`
			`"Statement": [`
			`{`
			`"Effect": "Allow",`
			`"Action": [`
			`"s3:*"`
			`],`
			`"Resource": [`
			`"arn:aws:s3:::bucket_name/uploads/*"`
			`]`
			`}`
			`]`
			`}`
			```

			8. Edit `config.json` and set following keys:

			```javascript
			`{`
			`"production": {`
			`...`
			`"imageuploadtype": "s3",`
			`"s3": {`
			`"accessKeyId": "YOUR_S3_ACCESS_KEY_ID",`
			`"secretAccessKey": "YOUR_S3_ACCESS_KEY",`
			`"region": "YOUR_S3_REGION" // example: ap-northeast-1`
			`},`
			`"s3bucket": "YOUR_S3_BUCKET_NAME"`
			`}`
			`}`
			```

			9. In additional to edit `config.json` directly, you could also try [environment variables](../configuration-env-vars.md).

			`## Related Tools`

			`* [AWS Policy Generator](http://awspolicygen.s3.amazonaws.com/policygen.html)`