Link to plugin page: https://zeroqode.com/plugin/aws-file-uploader-1533465056312x784389392881156100
Demo to preview the settings
Introduction
AWS File Uploader Plugin is a powerful tool, that allows you or your users to upload files from Bubble apps directly to your AWS (Amazon Web Services) S3 Bucket without any file size limits.
The plugin comes with the multi-file uploader element as well as the S3 objects element that returns a list of all the files uploaded to your AWS S3 bucket or a special folder on that bucket. The plugin also allows you to delete S3 objects from your bucket.
Each uploaded file has its own visual progress bar, so you or your users can see the upload progress. Plugin will also return a state with file URL(s), file size(s), last modified date(s), etc.
Tutorial
How to Setup
To run this plugin you need the following to set it up on the AWS side:
1. AWS account
You can create the AWS account for free, just by visiting the following link: https://aws.amazon.com/console/
Please note that the AWS Free Tier has limitations like the number of free GET/POST requests per 12 months:
https://aws.amazon.com/s3/pricing/
https://aws.amazon.com/free/?nc1=h_ls&all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc
2. Create your first S3 bucket
- In the AWS services search bar at the top, type "S3" and click on "S3" in the dropdown to navigate to the S3 Dashboard or open this link
- Choose to Create bucket. The Create bucket page opens:
The bucket name must be created with the next conditions:
- The name should be between 3 and 63 characters long.
- Consist only of lowercase letters, numbers, dots (.), and hyphens (-). For best compatibility, we recommend that you avoid using dots (.) in bucket names, except for buckets that are used only for static website hosting.
- The name should begin and end with a letter or number.
After you create the bucket, you cannot change its name. For more information about naming buckets, see Bucket naming rules.
IMPORTANT! Avoid including sensitive information, such as account numbers, in the bucket name. The bucket name is visible in the URLs that point to the objects in the bucket.
- For Region, choose the AWS Region where you want the bucket to reside. To minimize latency and costs and address regulatory requirements, choose a Region close to you. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region.
- For a list of Amazon S3 AWS Regions, see AWS service endpoints in the Amazon Web Services General Reference.
- Under Object Ownership, to disable or enable ACLs and control ownership of objects uploaded in your bucket, choose one of the following settings:
ACLs disabled
- Bucket owner enforced – ACLs are disabled, and the bucket owner automatically owns and has full control over every object in the bucket. ACLs no longer affect access permissions to data in the S3 bucket. The bucket uses policies to define access control.
To require that all new buckets are created with ACLs disabled by using AWS Identity and Access Management (IAM) or AWS Organizations policies, see Disabling ACLs for all new buckets (bucket owner enforced).
ACLs enabled
- Bucket owner preferred – The bucket owner owns and has full control over new objects that other accounts write to the bucket with the
bucket-owner-full-control
canned ACL.
If you apply the bucket owner preferred setting, to require all Amazon S3 uploads to include the
bucket-owner-full-control
canned ACL, you can add a bucket policy that allows only object uploads that use this ACL.- Object writer – The AWS account that uploads an object owns the object, has full control over it and can grant other users access to it through ACLs.
- Under Block Public Access settings for this bucket, choose the Block Public Access settings that you want to apply to the bucket. We recommend that you keep all settings enabled unless you know that you need to turn off one or more of them for your use case, such as to host a public website. The Block Public Access settings that you enable for the bucket are also enabled for all access points that you create on the bucket. For more information about blocking public access, see Blocking public access to your Amazon S3 storage.
- (Optional) Under Bucket Versioning, you can choose if you wish to keep variants of objects in your bucket. For more information about versioning, see Using Versioning in S3 buckets. To disable or enable versioning on your bucket, choose either Disable or Enable.
- (Optional) Under Tags, you can choose to add tags to your bucket. Tags are key-value pairs used to categorize storage. To add a bucket tag, enter a Key and optionally a Value and choose to Add Tag.
- Under Default encryption, choose Edit.
- To configure default encryption, under the Encryption key type, choose one of the following ⚠️Please see in our screenshot how we create our bucket
2. Get credentials
- Navigate to Your Account: At the top-right corner of the AWS Management Console, you'll see your account name or number. Click on it to open the dropdown menu.
- From the dropdown, select the "Security Credentials" option.
- Access Keys Section: Once on the Security Credentials page, expand the "Access keys (access key ID and secret access key)" section.
- Create New Access Key:
-If you already have existing access keys, you'll see them listed here.
-To create a new access key, click the "Create New Access Key" button.
- Download Credentials: After creating a new access key, you'll have the option to download it as a
.csv
file. Save this file securely, as AWS will not show these credentials again for security reasons.
3. Setting Cross-origin and Politics.
CROSS Configuration is required for the case when your resources should not to be accessed by external resources.
For example, you set domain "https://your-domain/" in cross, this means that only apps with the domain "https://your-domain/" will be able to access AWS Bucket.
⚠️There are two ways for set cross-origin and bucket policy
- Set cross-origin and bucket policy from Bubble.
- On a test page in Bubble app, add a button and add the action "Set standard Cross-origin".
2. In AllowedOrigin - Enter the domains to which you want it to have access to the AWS bucket.
3. AllowedMethod - Check the checkbox for the methods to which the domain has access.
- GET - allow files to be accessed.
- PUT - allow files to be uploaded file.
- DELETE - allow files to be deleted.
- POST - allow files to be uploaded file.
2. Go to Preview and click our button with the action “Set standard Cross-origin”
3. Now, try to upload a file and if the upload is successful you can delete this page.
Second mode: Manual setting
Add security to your AWS bucket by configuring policies on the 'Permissions' tab:
In the next steps, we'll show you how to set Access Control, Bucket Policy, and CORS policy to get started with basic security restrictions.
1. In the 'Block public access' area unlock public access to all for time being.
2. In the 'Bucket Policy' area you can configure the rules for security and privacy via Bucket Policy. Take a look at the "Action", "Resource" and "Condition" fields where we grant access to reading the objects from our bucket.
In this case, we are granting read file access only to users from our application domain, so if a user gets an image URL and tries to open it in a new tab or a new window, the bucket policy will block this request because we stated in the privacy rules that the link can be opened only from our domain:
Here's a code example (JSON):
javascript{ "Version": "2012-10-17", "Statement": [ { "Sid": "AddPerm", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*", "Condition": { "StringLike": { "aws:Referer": "https://zeroqode-demo-02.bubbleapps.io/*" } } }, { "Sid": "AddPerm2", "Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*" } ] }
YOUR-BUCKET-NAME - should be your S3 bucket name (ex: zeroqodedemo02).
You can find more Bucket Policy examples here. Feel free to try out other rules in order to improve your bucket security, since this documentation presents only our example of the settings.
3. In the Access control list (ACL) area make sure that all the options look like the image below to match our configuration:
4. Use the 'Cross-origin resource sharing' area to configure the CORS policy for the S3 bucket.
To configure access from all domains, you can use the following JSON for the CORS policy:
javascript[ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "GET", "PUT", "DELETE", "POST" ], "AllowedOrigins": [ "*" ], "ExposeHeaders": [ "ETag" ], "MaxAgeSeconds": 30000 } ]
Setting the CORS policy like this will allow everyone to change anything in your bucket, but you can definitely go deeper and set it up more securely.
For example, you can use the following JSON for CORS policy to allow access from your domain only (change the allowed origin to the URL of your app starting with https://)
javascript[ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "GET", "PUT", "DELETE", "POST" ], "AllowedOrigins": [ "https://yourdomain.com", "https://yourdomain.bubbleapps.io" ], "ExposeHeaders": [ "ETag" ], "MaxAgeSeconds": 30000 } ]
Note: We use CORS Configuration and Bucket Policy for informative purposes only for the test case.
For Access Permissions (CORS, Bucket Policy, Access Control List, etc.) please follow Amazon AWS's Setup Documentation to better understand your personal requirements.
❕https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html
❕https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-cors-configuration.html
❕https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html
7. First test of the key and the plugin settings
- Put on a page the plugin's element and text element, in the text element display the state "file URL”.
- Now you try to upload a file, if you get all with success, your page will be shown the file URL
Here's a good Introduction Video by Amazon Team on how to get started with Amazon S3 - https://www.youtube.com/watch?v=vFfY_-TL-pc
Plugin Elements Proprieties
The plugin has 3 visual elements: File uploader, S3 Objects, and File Upload No GUI. In order to work with one of the elements, you have to add it to the page.
File uploader element
This element lets you easily upload files into your S3 Bucket using the User Interface.
⚠️HEIC images require a license to be displayed and worked with on the web, which means that most modern browsers cannot utilise the crop feature with HEIC images. If your use case requires this functionality, please note that Safari on iOS, iPadOS, and macOS is the only browser that supports it currently.
Element properties
Title | Description | Type |
—–Settings for AWS—– | ||
Access Key | the access key that is in the downloaded file | Text |
Secret Key | the secret key that is in the downloaded file. | Text |
Session Token | is particularly used in situations where temporary authentication is needed, such as when an application needs to access AWS resources on behalf of the user but does not want to share the user's permanent credentials. In this case, the session token can be generated through an authentication and authorization process and then used to perform operations on AWS resources for a certain period of time.
❕ Using the session token can contribute to the security of applications because it allows for limiting privileges and access duration for AWS resources, minimizing exposure of users' or applications' permanent credentials (get the temporary keys once using the "Create Temporary Credentials" action). | Text (optional) |
Region | In AWS (Amazon Web Services), a "Region" is a specific geographical area where AWS has data centers. See picture below | Text |
Bucket Name | The name of the bucket in AWS. | Text |
Folder Structure | Structure to be used for uploaded files. If “folder_name/uuid_filename” and folder_name/filename” is chosen, provide the ‘Folder name’ value below. If in this case the ‘Folder name’ is not indicated, the folder name ‘unknown’ will be used Available options: uuid/filename, uuid_filename, folder_name/uuid_filename, folder_name/filename | Dropdown |
Folder Name or Path | The name to be used for the user folder on S3 bucket. Is used only if the ‘Folder structure’ property is set to ‘folder name/uuid_filename’ and ‘folder_name/filename’. | Text (optional) |
Add Prefix to File Name | if checked, file names will get custom prefixes to make it easier to locate them on S3 Bucket. | Checkbox (yes/no) |
File Names Prefix | Add a prefix. For prefix do not use any special characters like: ! $ # @ etc … | Text (optional) |
Rename File | Works only with one file. If selected uploading multiple files, ALL files will be renamed the same. | Text (optional) |
Ignore Hidden Files | When you upload a folder, and in it can will be hidden files, and they will not upload in AWS. | Checkbox (yes/no) |
—–Preview Settings—- | ||
Placeholder | default text description that will be displayed in the editor until there is something to preview | Text |
Disable Preview | If cheked, a file preview and captions are disabled. | Checkbox (yes/no) |
Cancel Button Caption | If specified then the caption for the Cancel button will be applied. If empty, the button will not appear. | Text |
Remove Button Caption | If specified then the caption for the Remove button will be applied. If empty, the button will not appear. | Text |
Resizable Element | When uploading a lot of files the element will resize. | Checkbox (yes/no) |
Hide ScrollBar | If this checkbox is checked and you are uploading a large number of files and the element size is NOT resizable, the scrollbar will be hidden. | Checkbox (yes/no) |
This Input is Clickable | the dropzone element itself will be clickable | Checkbox (yes/no) |
—–Files’ Restrictions—– | ||
Max File Size (mb) | Max file size (mb) | Number |
Text when File Too Big | The text that will be displayed when the file size is too big | Text |
Max Files | Maximum number of uploaded files. | Number (optional) |
Text when Max Files is Exceeded. | The text will be displayed when Max Files is exceeded. | Text |
Accepted Files Type | Types of files accepted for uploading. This is a comma separated list of mime types or file extensions. Example: image/*,application/pdf,.psd | Text |
Text when Invalid File Type | The text will be displayed when invalid file type. | Text |
—–Image Resize Before Uploading—– | ||
Allow Image Resizing | If checked, the uploaded images will be resized according to the filed values below. | Checkbox (yes/no) |
Image Resize Width | If set, images will be resized to these dimensions before uploaded | Number (optional) |
Image Resize Height | If set, images will be resized to these dimensions before uploaded | Number (optional) |
Image Resize Method | How the images should be scaled down in case both, “Image Resize Width” and “Image Resize Height” are provided. Available options: crop, contain | Dropdown (optional) |
Image Resize Quality | If set, images quality will be resized to before uploaded Available options: 0.2, 0.4, 0.6, 0.8, 1 | Dropdown (optional) |
—–Crop Settings—– | ||
Allow Image Cropping | Checkbox (yes/no) | |
Aspect Ratio | Define the initial aspect ratio of the crop box. By default, it is the same as the aspect ratio of the canvas (image wrapper).EX: 16 / 9 | Text |
Crop Window Title | Crop modal title | Text (optional) |
Crop Save Button Caption | Crop window save button caption. | Text (optional) |
Crop Cancel Button Caption | Crop window cancel button caption. | Text (optional) |
Initial Value | File to be uploaded to AWS initially | File (optional) |
Element actions
Reset input
Element events
Title | Description |
An Error Occurred | When an error occurred |
Current file uploaded | When uploading is finished |
Initial Value is Set | When initial file for uploading is set |
Added Max Files Limit and Event “file limit exceeded” | When upload files more limit files |
Uploading is Start | When uploading is start |
Start Cropping | When start Cropping |
End Cropping | When end cropping. |
All files uploaded | When all file are uploaded. |
Element states
Title | Description | Type |
File URL | File URL | Text |
Error Message | Error message | Text |
List of File Names in AWS | List of file names | Text |
File Name in AWS | File Name | Text |
List of File URL | List of file URL | Text |
Progress of Files Upload (%) | Progress | Number |
Upload Progress of Current File | Progress | Number |
List of Files Sizes (KB) | List of files sizes | Number |
File Size (KB) | File size | Number |
Images Width | Images width | Number |
Images Height | Images Height | Number |
Too Big Files | Too big files names | Text |
Cropped Images Width | Width of the cropped image | Number |
Copped Images Height | Height of the cropped image | Number |
Initial Value URL | URL of the file initially added for upload | Text |
File Name Original | Name of the last file uploaded | Text |
List of File Names Original | List of original file names | Text |
List of Files Type | List of file's type what was uploaded | Text |
File Type | The type of last file which was uploaded | Text |
Size File After Processing | The size of a file after cutting and resizing | Number |
File Upload No GUI element
This element lets you easily upload files into your S3 Bucket without a graphical user interface but should be placed on the page in order to interact:
Element properties
Title | Description | Type |
Access Key | the access key that is in the downloaded file. | Text |
Secret Key | the secret key that is in the downloaded file. | Text |
Session Token | It is the “Session Token” that our “Create Credentials” action gives you | Text (optional) |
Bucket Name | The name of the bucket in AWS. | Text |
Region | Bucket region | Text |
Placeholder | the title of the File Upload No GUI element | Text |
Unique file prefix format | Choose the unique file id format to be used for the uploaded files Available options: uuid_, zq_random | Dropdown |
Folder name | the directory within the S3 bucket where the uploaded files will be stored. If this property is provided, all uploaded files will be saved in the specified folder. If not provided, files will be stored at the root level of the bucket. | Text (optional) |
Display text placeholder only | If checked, in uploader will show only placeholder instead of file name after uploading | Checkbox (yes/no) |
Disabled | If checked the file input is disabled, and users cannot interact with it.
| Checkbox (yes/no) |
Instant upload | determines whether files should be uploaded immediately after they are selected. When this property is checked, the upload process starts automatically as soon as the user selects a file. When unchecked, the upload process must be triggered manually. | Checkbox (yes/no) |
Note: the uuid_ format prefix will always have a constant length of 36+1 = 37 characters, while for the prefix with the zq_random format, the length will vary.
Element actions
Upload File
Upload Files
Begin upload from input
Reset uploader
Element events
Title | Description |
Upload Start | Triggered when plugin starts uploading file. |
Upload End | Triggered when plugin finished file uploading. |
Error | Triggered when error’s happened. |
Element states
Title | Description | Type |
URL | Uploaded file URL. | Text |
Error | Error message. | Text |
AWS Name | Uploaded file name. | Text |
Size | File size in bytes. | Number |
Type | File type. | Text |
URls | the URLs of the files successfully uploaded to the S3 bucket | Text(list) |
Original Name | The original name of the file | Text |
S3 Objects
This element lets you get the list of files from the S3 Bucket. Should be placed on the page to get access to element actions, events, and states.
Element properties
Title | Description | Type |
Access Key | the access key that is in the downloaded file. | Text |
Secret Key | the secret key that is in the downloaded file | Text |
Session Token | is particularly used in situations where temporary authentication is needed, such as when an application needs to access AWS resources on behalf of the user but does not want to share the user's permanent credentials. In this case, the session token can be generated through an authentication and authorization process and then used to perform operations on AWS resources for a certain period of time.
Using the session token can contribute to the security of applications because it allows for limiting privileges and access duration for AWS resources, minimizing exposure of users' or applications' permanent credentials (get the temporary keys once using the "Create Temporary Credentials" action). | Text (optional) |
Region | In AWS (Amazon Web Services), a "Region" is a specific geographical area where AWS has data centers. | Text |
Bucket Name | The name of the bucket in AWS. | Text |
Folder | The name of the folder within the S3 bucket from which to list objects. If provided, only files within this folder will be listed. | Text (optional) |
Element actions
Refresh Get all files from s3
Generate SignURL
Element events
Title | Description |
bucket’s objects are loaded | is triggered once the Get all files from s3 action finished execution |
Element states
Title | Description | Type |
List of file urls | FileUrls | Text |
List of filenames | FileNames | Text |
Last Modified | LastModified | Date |
List of file size (MB) | Size | Number |
Signed Url | Generated Signed Url | Text |
Plugin actions
Delete Files/File (backend)
Set standart Cross-origin
Delete Folder
Create Temporary Credentials
Delete file
Delete Files
Workflow/settings Example
Upload File
Begin upload from input
Resets the file uploader
Reset uploader
Element events
Title | Description |
Upload Start | Triggered when plugin starts uploading file. |
Upload End | Triggered when plugin finished file uploading. |
Error | Triggered when error’s happened. |
Generation URL | To this event, we must attach the "Generating a Pre-signed URL (BETA)" action and “Upload file” action of the element |
Element states
Title | Description | Type |
URL | Uploaded file URL. | Text |
Error | Error message. | Text |
AWS Name | Uploaded file name. | Text |
Size | File size in bytes. | Number |
Type | File type. | Text |
URls | the URLs of the files successfully uploaded to the S3 bucket | Text(list) |
Original Name | The original name of the file | Text |
File Path | This is a state that you must send to the action "Generating a Pre-signed URL (BETA)” | Text |
New Action 🚀
Get All Files (BETA).
It is a new action that returns the information to all the files uploaded to your Bucket!
Bucket name - Bucket name from AWS from where to retrieve the files.
Folder Name - In case you want to retrieve the files from a certain folder within a bucket.
You can save the obtained data in custom states to display them wherever you want.
Generating a Pre-signed URL (BETA)
This action generates pre-signed URLs that allows the plugin to upload files from new elements.
Bucket Name - Bucket name from AWS where to upload the files.
File Path - This field requires the path of the file in order to upload it. Both new elements have a new state that returns this information.
Uploading to AWS (BETA)
Bucket Name - Bucket name from AWS where to upload the files.
File - The file to be uploaded
Folder Path - The address where the file should be uploaded
Steps for Configuring the “uploader (BETA)" and "File Upload No GUI (BETA)”
- Adding the Element to the Page
- Open the page editor and navigate to the page where you want to add the AWS file upload functionality.
- Select the “File uploader (BETA)” or “File Upload No GUI (BETA)” elements from the component library.
- Add the element on the page.
- Configuring the "Generation URL" Event
- In the Workflow section, add a new event by selecting "Generation URL" from the list of available events.
- Select the wanted Uploader element from the Element dropdown.
- Adding the "Generate Pre-Signed URL (BETA)" Action
- In the "Generation URL" event, add a new action.
- Select "Generate Pre-signed URL (BETA)" from the list of available actions.
- Configuring Fields for "Generate Pre-signed URL"
- Bucket Name - Bucket name from AWS where to upload the files.
- File Path - This field requires the path of the file in order to upload it. Both new elements have a new state that returns this information.
- Adding the "Upload File" Action
- After configuring the "Generate Pre-signed URL" action, add a new action under the same "Generation URL" event.
- Select "Upload File" from the list of available actions for the new elements.
- Configuring Fields for "Upload to AWS"
- Element - Select the wanted element from the dropdown.
- Pre-signed upload URL - Enter the Pre-signed URL for uploading the file as the result of the previous “Generate Pre-signed URL" action. This URL will be used to upload the new file to AWS S3.
- Delete Sign URL: Enter the Pre-signed URL for deleting the file (if applicable) as the result of the previous “Generate Pre-signed URL" action. This URL will be used to delete the previously uploaded file from AWS S3.