The purpose of this very simplified set up of AWS is to teach people the basics. For business purposes, I would recommend using more strict access controls. This set up is perfect for an educational project or for someone who wants to get a basic understanding of AWS. Well, with that out of the way, let’s get started.
Create your Rails app with rails new <app_name>. Then you’ll want to jump into your config/storage.yml file. There you’ll see that Amazon and other storage locations for cloud services are ready to be commented in out of the box with rails.
Simply uncomment the amazon part. We will come back to this later.
After that go into your gemfile and add gem “aws-sdk-s3”, require: false then bundle install.
Next, go into your config/environments folder. You’re going to do the following change for both development and production. Find where it says
config.active_storage.service = :local
And change the :local to :amazon because that’s what the space name is inside your storage.yml. (if you decided to change what was in your storage.yml file to bubble_gum that you’d set your active_storage.service to :bubble_gum)
Okay now we need to hop over to the AWS site: https://aws.amazon.com/
If you don’t already have an account go ahead and make one. By clicking the orange “Create an AWS Account” button.
Fill in your information on the next page. All fields are required.
You will need to add a credit card to your account, however, Amazon only charges you for downloading from the storage and it’s absurdly cheap. Even if you used it regularly to maintain a database it might run you $30 a year.
Continue on with the registration…
Select the Free Plan
Now that orange button says “Sign in to the Console”…Go ahead and do that. Select Root user.
Enter s3 into the Find Services field. Select s3.
You’ll see a dashboard that looks something like this:
Click the Create bucket button.
Give the bucket a name. Note that bucket names must be unique across all bucket names so you may have to get creative.
If you’re in NYC like I am you’re going to want to pick US East (Virginia) I promise that is much closer than Ohio, which is the other tempting server location. You can check out more about the AWS global infrastructure and find the closest server to you here.
Hit next to continue. You can decide if you want to add any of the options you see but it’s fine to just click next again.
The Public Access on the next page is set to blocked. This is something you can change later. If you’re just testing things out with your app you can uncheck.
Then create the bucket! You should see your bucket name on the dashboard now.
Okay, the next step is to create an IAM user. Click on the Services dropdown near the top of your screen. Type in IAM into the search bar and select IAM — manage access to AWS resources. You’ll be brought to a new dashboard. On the left-side menu select Users. Then click the Add user button.
Set a name for the user and give it programmatic access
Click next then select the Attach existing policies directly. Now let me save you hours of confusing research and tell you that IAMFullAccess will work well. Just search for that and select it and hit next and next again then Create user.
This is a VERY IMPORTANT page! DO NOT lose the access key numbers. (also don’t post them online unless you plan on deleting them right away)
Download the .csv and keep it somewhere safe where you can access it. You’ll need these to complete the very first step of this tutorial.
Phew, done with that!! Now back to our Rails app. Now we don’t want to put these secret access keys anywhere that would be loaded up to Github.
There are two easy options to deal with this.
One is to make some environmental variables in a .env file then add .env to the gitignore page. The other way is to use the new rails credentials.yml.enc.
The new rails credentials feature is a neat idea but if you’re new all this and you think you might run into bugs (you will run into bugs) I’d recommend the former option because it’s a pain to redo the credentials over and over if you change your IAM user or start your app over. Personally I had a bunch of issues with this part and it finally worked the one time I used env variables so I love them now even if they don’t deserve the credit.
I’ll quickly explain how to set up the credentials if you want to check that out.
Type into your console EDITOR=vim rails credentials:edit
You can set your favorite editor. I’ll give you the TLDR on the cute little VIM tutorial that I found after button mashing until I discovered that : was the command to start typing commands… I actually read the whole :help document too. (quit command lets your skip it).
Okay so how do you edit this thing? Type the letter i to enter edit mode. Press the esc key to exit edit mode. To save enter :w to quit enter :q
Once in edit mode copy in your access key and secret. You can also add in your region and bucket name if you want to keep those confidential too.
Then you would go into the storage.yml file and set it up to look like this:
Alright, now the other option ENV variables (my personal preference) !!
Create a file called .env in your app directory. So that would be app/.env
Create a variable for your key and your secret.
Go to your storage.yml file and change it to look like:
AND FINALLY!! DO NOT FORGET to add .env to your git ignore file.
Just throw it in at the bottom as .env and you’re all set.
That’s all there is to it. Good luck and happy coding.