Gathering detailed insights and metrics for strapi-provider-upload-aws-s3-advanced
Gathering detailed insights and metrics for strapi-provider-upload-aws-s3-advanced
Gathering detailed insights and metrics for strapi-provider-upload-aws-s3-advanced
Gathering detailed insights and metrics for strapi-provider-upload-aws-s3-advanced
@strapi/provider-upload-aws-s3
AWS S3 provider for strapi upload
@aws-sdk/credential-provider-node
AWS credential provider that sources credentials from a Node.JS environment.
@aws-sdk/lib-storage
Storage higher order operation
@strapi/provider-upload-local
Local provider for strapi upload
npm install strapi-provider-upload-aws-s3-advanced
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
27 Stars
78 Commits
23 Forks
3 Watching
5 Branches
6 Contributors
Updated on 29 Aug 2024
Minified
Minified + Gzipped
TypeScript (98.38%)
JavaScript (1.62%)
Cumulative downloads
Total Downloads
Last day
25.5%
128
Compared to previous day
Last week
26.1%
653
Compared to previous week
Last month
-28.1%
3,213
Compared to previous month
Last year
-1.2%
62,352
Compared to previous year
[!IMPORTANT] This package is no longer maintained, most notably because all additions of this plugin were implemented in the upstream plugin as well, namely
baseUrl
,prefix
, and Typescript support. Strapi maintains the in-tree plugin and keeps it up with NodeJS versions, which this plugin no longer receives updates for. Because of breaking changes and active deprecation of the AWS-SDKv2 causing too much work for us, we are retiring any further development of this plugin. Please use strapi's in-treeupload-aws-s3
provider, if you are on a fairly recent version of strapi.
This extends the original configurability of the provider by adding both a
baseUrl
, which may be your CDN URL, which replaces the endpoint returned from
AWS with a custom URL, and prefix
, which does exactly that: prefixes the
object's path such that we do not strictly upload into the buckets root
directory. This can be used to keep the bucket organized, or using a singular bucket
for multiple services. Other than that you can put e.g. CloudFront Caching in front of the
bucket and only expose the CloudFront URL to e.g. save traffic costs that come from
direct bucket access.
Everything else follows the regular strapi-provider-upload-aws-s3 schema.
Your configuration is passed down to the provider. You can see the complete list of options here
See the using a provider documentation for information on installing and using a provider. And see the environment variables for setting and using environment variables in your configs.
To upload with ACLs, make sure that the S3 user has abilities "s3:PutObjectACL" in addition to the regular "s3:PutObject" ability. Otherwise S3 will reject the upload with "Access Denied".
If you cannot provide access key and secret, but instead use other (AWS) tools
to authenticate to your bucket, omit providerOptions.accessKeyId
and
providerOptions.secretAccessKey
. For more, see
https://github.com/zoomoid/strapi-provider-upload-aws-s3-advanced/pull/14.
./config/plugins.js
1module.exports = ({ env }) => ({ 2 // ... 3 upload: { 4 provider: "aws-s3-advanced", 5 providerOptions: { 6 accessKeyId: env("AWS_ACCESS_KEY_ID"), 7 secretAccessKey: env("AWS_ACCESS_SECRET"), 8 region: env("AWS_REGION"), 9 params: { 10 bucket: env("AWS_BUCKET"), // or "Bucket", @aws-sdk requires capitalized properties, but the convention for this file is lowercased, but the plugin understands both 11 acl: env("AWS_BUCKET_ACL"), // or "ACL", see above 12 }, 13 baseUrl: env("CDN_BASE_URL"), // e.g. "https://cdn.example.com", this is stored in strapi's database to point to the file 14 prefix: env("BUCKET_PREFIX"), // e.g. "strapi-assets". If BUCKET_PREFIX contains leading or trailing slashes, they are removed internally to construct the URL safely 15 }, 16 }, 17 // ... 18});
If using strapi >= 4.0.0, please use the below config:
./config/plugins.js
1module.exports = ({ env }) => ({ 2 // ... 3 upload: { 4 config: { 5 provider: "strapi-provider-upload-aws-s3-advanced", 6 providerOptions: { 7 accessKeyId: env("AWS_ACCESS_KEY_ID"), 8 secretAccessKey: env("AWS_ACCESS_SECRET"), 9 region: env("AWS_REGION"), 10 params: { 11 bucket: env("AWS_BUCKET"), // or "Bucket", @aws-sdk requires capitalized properties, but the convention for this file is lowercased, but the plugin understands both 12 acl: env("AWS_BUCKET_ACL"), // or "ACL", see above 13 }, 14 baseUrl: env("CDN_BASE_URL"), // e.g. "https://cdn.example.com", this is stored in strapi's database to point to the file 15 prefix: env("BUCKET_PREFIX"), // e.g. "strapi-assets". If BUCKET_PREFIX contains leading or trailing slashes, they are removed internally to construct the URL safely 16 }, 17 }, 18 }, 19 // ... 20});
If you need to extend the configuration of the S3 client with additional
properties, put them into providerOptions.params
. The params
object is
spread into the S3 configuration at initialization, so it will accept any
additional configuration this way.
Note: If you are migrating from a pre-4.0.0 version (i.e. v3.6.8 or earlier), the
files
relation will includeaws-s3-advanced
as the provider. Previously, the prefix "strapi-upload-provider" was assumed to always be present for upload provider plugins. This is no longer the case in >= 4.0.0, hence when uploading with the newer version of this provider, strapi will insert new files with the full provider package name, i.e.,strapi-provider-upload-aws-s3-advanced
. See Migration for details on the required manual work.
To allow the thumbnails to properly populate, add the below config to
./config/middlewares.js
1module.exports = ({ env }) => [ 2 // ... 3 { 4 name: "strapi::security", 5 config: { 6 contentSecurityPolicy: { 7 useDefaults: true, 8 directives: { 9 "connect-src": ["'self'", "https:"], 10 "img-src": ["'self'", "data:", "blob:", `${env("CDN_BASE_URL")}`], 11 "media-src": ["'self'", "data:", "blob:", `${env("CDN_BASE_URL")}`], 12 upgradeInsecureRequests: null, 13 }, 14 }, 15 }, 16 }, 17 // ... 18];
You don't need to do anything on your end except updating the dependencies.
v5.0.0 rewrites the entire provider in Typescript and introduces Unit Tests, among deprecating NodeJS versions lower than v14. Specifically the last aspect requires a new major version. Other than that, nothing changed in terms of configuration surface.
To allow for an empty baseUrl
(#9), we made some adjustments to the way the
configuration is parsed: in your plugins.js
, env("CDN_BASE_URL")
uses
strapi's helper function for parsing ENV variables. If any second argument is
omitted, undefined
is returned. Thus, if your ENV does not contain any value
for CDN_BASE_URL
, you are good to go. Undefined baseUrl
causes the plugin to
prepend the cannonic default endpoint of your storage provider, e.g.,
https://mystoragebucket.s3.amazonaws.com
.
If instead you defined CDN_BASE_URL
to be ""
, the env
helper returns
that empty string. Previously, this was treated as the same case as using
undefined
. In some scenarios however you might not want this, e.g., local
development. Thus, we now check explicitly for undefinedness instead of the
prior truthiness.. If you defined CDN_BASE_URL
to be an empty string and
relied upon the prepending of the cannonical default endpoint, change your ENV
variable either explicitly to the endpoint's URL or make it undefined.
Strapi now uses the full package name as provider name, as seen in the
configuration of the provider in the Example section above. This means that the
relation will include different provider names when using the newer version of
this provider with strapi >= 4.0.0 on data from pre-4.0.0. In particular, you
will find that the pre-4.0.0 files
will have the provider aws-s3-advanved
,
while the newer ones will have strapi-provider-aws-s3-advanved
. If you're
not going to change the existing files in your CDN, you will not need to take
any actions. The provider attribute is only used for mapping the handler for
creating or deleting files to the handlers defined in this provider. Files
will remain readable with the old provider and new files will be added with the
new provider name. Only if you want to delete old files from the new provider,
you will be required to adapt the files
table.
In strapi >= 4.0.0, only SQL databases are officially supported, so we will only provide queries for the supported backends:
1UPDATE files SET provider = 'strapi-provider-upload-aws-s3-advanced' WHERE provider = 'aws-s3-advanced';
1UPDATE `files` SET `provider` = `strapi-provider-upload-aws-s3-advanced` WHERE `provider` = `aws-s3-advanced`;
1UPDATE files SET provider = 'strapi-provider-upload-aws-s3-advanced' WHERE provider = 'aws-s3-advanced';
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
Reason
Found 2/14 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More