Configure Storage
Amplify CLI's storage
category enables you to create and manage cloud-connected file & data storage. Use the storage
category when you need to store:
- app content (images, audio, video etc.) in an public, protected or private storage bucket or
- app data in a NoSQL database and access it with a REST API + Lambda
Setup a new storage resource
You can setup a new storage resource by running the following command:
amplify add storage
Amplify allows you to either setup a app content storage (images, audio, video etc.) backed by Amazon S3 or a NoSQL database backed by Amazon DynamoDB.
Adding S3 storage
? Please select from one of the below mentioned services:> Content (Images, audio, video, etc.) NoSQL Database? Please provide a friendly name for your resource that will be used to label this category in the project:> mystorage? Please provide bucket name:> mybucket
Follow the prompts to provide your content storage's resource name.
S3 Access permissions
Next, configure the access permissions for your Amazon S3 bucket. If you haven't set up the auth
category already, the Amplify CLI will guide you through a workflow to enable the auth category.
? Restrict access by?> Auth/Guest Users Individual Groups Both Learn more
Auth/Guest Users access
Select Auth/Guest Users
, to scope permissions based on an individual user's authentication status. On the next question you'll be able to select if only authenticated users can access resources, or authenticated and guest users:
? Who should have access:❯ Auth users only Auth and guest users
Then you'll be prompted to set the access scopes for your authenticated and (if selected prior) unauthenticated users.
? What kind of access do you want for Authenticated users?> ◉ create/update ◯ read ◯ delete? What kind of access do you want for Guest users? ◯ create/update> ◉ read ◯ delete
Granting access to authenticated users will allow the specified CRUD operations on objects in the bucket starting with the prefix /public/
, /protected/{cognito:sub}/
, and /private/{cognito:sub}/
. {cognito:sub}
is the sub of the Cognito identity of the authenticated user.
Granting access to guest users will allow the specified CRUD operations on objects in the bucket starting with the prefix /public/
.
Individual Group access
Select Individual Groups
to scope access permissions based on Cognito User Groups
? Select groups: ◉ EMPLOYEE> ◉ MANAGER
Then select the CRUD operations you want to permit for each selected Cognito user group
? What kind of access do you want for EMPLOYEE users? ◯ create/update> ◉ read ◯ delete? What kind of access do you want for MANAGER users? ◉ create/update ◯ read> ◉ delete
Note: CRUD operations selected here will apply to ALL objects in the bucket, not just objects under a particular prefix.
Note: If you combine
Auth/Guest user access
andIndividual Group access
, users who are members of a group will only be granted the permissions of the group, and not the authenticated user permissions.
S3 Lambda trigger
Lastly, you have the option of configuring a Lambda function that can execute in response to S3 events.
? Do you want to add a Lambda Trigger for your S3 Bucket? (y/N)
Learn more about this workflow here.
That's it! Your content storage is set up! Head to the library's storage docs to integrate this newly created S3 bucket into your app.
Adding a NoSQL database
? Please select from one of the below mentioned services:> Content (Images, audio, video, etc.) NoSQL Database? Please provide a friendly name for your resource that will be used to label this category in the project:> dynamo2e1dc4eb? Please provide table name:> dynamo2e1dc4eb
Follow the prompts to provide your NoSQL Database's resource name. Next, you'll go through a table-creation wizard. First, you'll create the columns of your table:
You can now add columns to the table.
? What would you like to name this column: id? Please choose the data type: string? Would you like to add another column? Yes
Then, you'll need to specify your indexes. The concept behind "indexes", "partition key", "sort key" and "global secondary indexes" are explained in-depth here.
? Please choose partition key for the table: id? Do you want to add a sort key to your table? (y/N)
? Do you want to add a Lambda Trigger for your Table? (y/N)
If you want to configure a Lambda trigger for your Table, you'll have the option. Learn more about this workflow here.
That's it! Your NoSQL Database is set up!