From: Set up file and image uploads to S3 - sysadmin - Discourse Meta
Go to S3 and click on Create bucket , then fill out the Bucket name . Click the ACLs Enabled box.
- Uncheck Block all public access
- check Block public access to buckets and objects granted through new public bucket or access point policies
- check Block public and cross-account access to buckets and objects through any public bucket or access point policies
access the AWS Identity and Access Management (IAM) console and create a new policy (or use that direct link). Click the json tab and paste the following:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:List*",
"s3:Get*",
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutObjectVersionAcl",
"s3:PutLifecycleConfiguration",
"s3:CreateBucket",
"s3:PutBucketCORS"
],
"Resource": [
"arn:aws:s3:::=BUCKETNAME=",
"arn:aws:s3:::=BUCKETNAME=/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Resource": "*"
}
]
}
Policy name
=BUCKETNAME=
Description
=BUCKETNAME= discourse bucket
Now go to users tab and add a user
- Check the Access key - Programmatic access box and click next, and then Attach existing policies directly and select =BUCKETNAME= or whatever you named the policy above.
Add ENVs to inventory
discourse_extra_envs:
- "DISCOURSE_USE_S3: true"
- "DISCOURSE_S3_REGION: '=REGION='"
- "DISCOURSE_S3_ACCESS_KEY_ID: '=ACCESS_KEY='"
- "DISCOURSE_S3_SECRET_ACCESS_KEY: '=SECRET='"
- "DISCOURSE_S3_CDN_URL: 'https://=BUCKETNAME=-s3.bcnd.literatehosting.com.'"
- "DISCOURSE_S3_BUCKET: '=BUCKETNAME='"
- "DISCOURSE_S3_BACKUP_BUCKET: '=BUCKETNAME=/backups'"
- "DISCOURSE_BACKUP_LOCATION: 's3'"
- "DISCOURSE_MAXIMUM_BACKUPS: 14"
- "DISCOURSE_BACKUP_FREQUENCY: 1"
- "DISCOURSE_AUTOMATIC_BACKUPS_ENABLED: true"