Hello,
I was able to get this working locally on a docker container by passing my own credentials like so:
const configCredentials =
process.env.NODE_ENV === "development"
? {
credentials: {
accessKeyId: process.env.S3_ACCESS_KEY_ID,
secretAccessKey: process.env.S3_SECRET_ACCESS_KEY,
},
}
: {};
const adapter = s3Adapter({
config: {
...configCredentials,
region: process.env.S3_REGION,
},
bucket: process.env.S3_BUCKET,
});
In the docs it says, "Note that the credentials option does not have to be used when you are using PayloadCMS on an EC2 instance that has been configured with an IAM Role with necessary permissions." -
https://github.com/payloadcms/plugin-cloud-storage#s3-adapterThe difference is that I am running this on ECS and was wondering if there was something else that I have to do. I did create a policy with
["s3:GetObject", "s3:PutObject"]
and attached it to the ecs task definition
execution_role_arn
.
Any help would be appreciated
I made a very noob oversight when looking over my code. The issue was caused because i was setting the permissions on the execution role instead of the task role.
In summary:
The Task Role is for giving permissions to the containers within the task itself to interact with other AWS services.
The Task Execution Role is for the ECS service to manage tasks, including pulling Docker images and performing ECS-specific operations.
everything works as expected 🙂
Star
Discord
online
Get help straight from the Payload team with an Enterprise License.