{"id":3380,"date":"2014-12-08T12:50:13","date_gmt":"2014-12-08T18:50:13","guid":{"rendered":"http:\/\/bililite.com\/blog\/?p=3380"},"modified":"2014-12-08T13:26:44","modified_gmt":"2014-12-08T19:26:44","slug":"working-with-amazon-s3","status":"publish","type":"post","link":"https:\/\/bililite.com\/blog\/2014\/12\/08\/working-with-amazon-s3\/","title":{"rendered":"Working with Amazon S3"},"content":{"rendered":"<p>I use <a href=\"http:\/\/aws.amazon.com\/\">Amazon S3<\/a> for static storage, since nearlyfreespeech.net charges for storage. I've written how I've set up my <a href=\"\/blog\/2012\/04\/02\/using-nfs-net-with-amazon-s3\/\" title=\"Using NFS.net with Amazon S3\">.htaccess<\/a> and my <a href=\"\/blog\/2012\/04\/03\/using-s3-files-in-php\/\" title=\"Using S3 files in PHP\">PHP files<\/a> to use it. But now my work has decided to block all access to S3 (as \"personal storage sites\"), so I can't use my <code>bililite.s3.amazonaws.com<\/code> sites any more.<\/p>\n<p>But I'm smarter than that; I'll just use a CNAME DNS entry to point to the S3 site. They're not blocking <code>cdn.bililite.com<\/code>. Unfortunately, it's not that simple. Amazon uses the domain to determine the bucket, so <code>cdn.bililite.com<\/code> <em>has<\/em> to point to <code>cdn.bililite.com.s3.amazonaws.com.<\/code> (remember that external CNAME's have to have the extra period at the end!), meaning the bucket called <code>cdn.bililite.com<\/code>, and I have been using <code>bililite<\/code> as my bucket name.<\/p>\n<p>You can't rename a bucket. So I have to create a new bucket called <code>cdn.bililite.com<\/code>, and now I have to copy all the files from the old one. That's also not so simple, since downloading from one bucket and uploading to another takes <em>forever<\/em> for thousands of small files. Luckily, Amazon has created a <a href=\"http:\/\/docs.aws.amazon.com\/cli\/latest\/userguide\/cli-chap-welcome.html\">command line interface<\/a> to S3 that lets you do in-the-cloud copying.<\/p>\n<p>Download and install that, then go to Powershell. Enter<\/p>\n<pre><code>aws configure<\/code><\/pre>\n<p>and enter your AWS keys (you can enter a default region as well). Note that these are kept in plaintext in <code>~\/.aws\/credentials<\/code>, so keep your computer safe!<\/p>\n<p>Then, <code>aws s3 ls<\/code> will list all of your buckets, and <code>aws s3api get-bucket-location --bucket <em>bucketname<\/em><\/code> will list the region. <code>None<\/code> as a region name means <code>us-east-1<\/code>, as far as I can tell.<\/p>\n<p>To copy the entire bucket, do<\/p>\n<pre><code>aws s3 cp s3:\/\/<em>source-bucket<\/em> s3:\/\/<em>target-bucket<\/em> --recursive --region <em>region-of-target-bucket<\/em> --grants read=uri=http:\/\/acs.amazonaws.com\/groups\/global\/AllUsers<\/code><\/pre>\n<p>(if the region is the default region you set up with <code>aws configure<\/code>, you can leave out the <code>--region<\/code> option. I wasn't smart enough to include the <code>grants<\/code> option, which makes the copied objects public (hence <code>read=AllUsers<\/code>), and I couldn't figure out how to change the permissions with the command line interface, so I had to go back to the online Amazon AWS console and set the permissions there (open the bucket, select all the folders, and select \"Make Public\"). That took more than an hour, but at least it was in the cloud, not running on my computer.<\/p>\n<p>Now, in order to be able to load things like fonts which obey the cross origin restrictions (why fonts? I don't know. AJAX I can sort-of understand), in the AWS console, under <code>Permissions<\/code> select <code>Edit CORS Configuration<\/code> to:<\/p>\n<pre><code>&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\r\n&lt;CORSConfiguration xmlns=\"http:\/\/s3.amazonaws.com\/doc\/2006-03-01\/\"&gt;\r\n    &lt;CORSRule&gt;\r\n        &lt;AllowedOrigin&gt;*&lt;\/AllowedOrigin&gt;\r\n        &lt;AllowedMethod&gt;GET&lt;\/AllowedMethod&gt;\r\n    &lt;\/CORSRule&gt;\r\n&lt;\/CORSConfiguration&gt;<\/code><\/pre>\n<p>Now I have Amazon S3 access that is not blocked!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I use Amazon S3 for static storage, since nearlyfreespeech.net charges for storage. I've written how I've set up my .htaccess and my PHP files to use it. But now my work has decided to block all access to S3 (as \"personal storage sites\"), so I can't use my bililite.s3.amazonaws.com sites any more. But I'm smarter [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"_links":{"self":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3380"}],"collection":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/comments?post=3380"}],"version-history":[{"count":5,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions"}],"predecessor-version":[{"id":3387,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions\/3387"}],"wp:attachment":[{"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/media?parent=3380"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/categories?post=3380"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bililite.com\/blog\/wp-json\/wp\/v2\/tags?post=3380"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}