Storage

Coming soon: The Storage experience for Amplify (Gen 2) is still under development. You can add Amazon S3 to your Amplify (Gen 2) project with AWS CDK.

To use Storage today, you must use the AWS Cloud Development Kit (CDK). To get started, install the CDK library package:

1npm add --save-dev aws-cdk-lib

Depending on the Node.js package manager you are using, you may encounter warnings where it is now unable to resolve the peer dependency version @aws-amplify/backend has on aws-cdk-lib. If you encounter a warning similar to the following, re-install the version specified in the warning text:

1npm WARN Could not resolve dependency:
2npm WARN peer aws-cdk-lib@"~2.103.0" from @aws-amplify/backend@0.4.0
3npm WARN node_modules/@aws-amplify/backend
4npm WARN   dev @aws-amplify/backend@"^0.4.0" from the root project

Using the sample warning text above, you would need to install aws-cdk-lib@2.103.0.

Next, modify your project's backend.ts file to create an Amazon S3 bucket and grant Amplify-generated resources access to read and write:

1import * as s3 from 'aws-cdk-lib/aws-s3';
2import { defineBackend } from '@aws-amplify/backend';
3import { auth } from './auth/resource.js';
4import { data } from './data/resource.js';
5
6const backend = defineBackend({
7  auth,
8  data
9});
10
11// create the bucket and its stack
12const bucketStack = backend.createStack('BucketStack');
13const bucket = new s3.Bucket(bucketStack, 'Bucket', {
14  blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL
15});
16
17// allow any authenticated user to read and write to the bucket
18const authRole = backend.resources.auth.resources.authenticatedUserIamRole;
19bucket.grantReadWrite(authRole);
20
21// allow any guest (unauthenticated) user to read from the bucket
22const unauthRole = backend.resources.auth.resources.unauthenticatedUserIamRole;
23bucket.grantRead(unauthRole);

Finally, run npx amplify sandbox to create your first Amazon S3 bucket!

Storage

Next steps