Chapters

40 Chapters | 4:39:58 |

01

Setting up with the Symfony Local Web Server

5:15
02

Uploads, multipart/form-data & UploadedFile

7:59
03

Where & How to Store the File

5:06
04

Unique (but not Insane) Filenames

6:30
05

File Upload Field in a Form

9:09
06

Centralizing Upload Logic

7:01
07

File Validation

6:30
08

Upload Field Styling & Bootstrap

5:24
09

URL to Public Assets

7:44
10

The asset() Function & assets.context

5:28
11

Thumbnailing with LiipImagineBundle

5:53
12

Image Preview on the Form

4:16
13

File Uploads & Data Fixtures

9:49
14

Flysystem: Filesystem Abstraction

5:15
15

Using the Filesystem

4:11
16

Flysystem: Streaming & Defensive Coding

9:02
17

Flysystem <3 LiipImagineBundle

10:44
18

Absolute Asset Paths

6:20
19

Setup for Uploading Private Article References

5:45
20

Uploading References

8:38
21

Storing Private Files

6:11
22

Mime Type Validation

7:33
23

Endpoint for Downloading Private Files

5:53
24

Streaming the File Download

5:55
25

Dropzone: AJAX Upload

8:25
26

API Endpoint & Errors with Dropzone

4:53
27

Rendering the File List Client Side

9:42
28

Deleting Files

8:58
29

Edit Endpoint & Deserialization

5:07
30

JavaScript for Editing a Reference

7:01
31

Reordering the Files

5:10
32

Reordering Endpoint & AJAX

7:41
33

Configuring S3 Bucket & IAM User

4:30
34

Flysystem & S3

7:44
35

S3 Asset Paths

5:33
36

S3 & Private Object via ACLs

7:52
37

Cached S3 Filesystem For Thumbnails

9:28
38

Private Downloads & Signed URLs

7:02
39

API-Style Uploads

9:51
40

Coding the API Upload Endpoint

9:30

> Symfony 5 > All about Uploading Files in Symfony

Buy Access to Course

33.

Configuring S3 Bucket & IAM User

Autoplay

Keep on Learning!

If you liked what you've learned so far, dive in! Subscribe to get
access to this tutorial plus video, code and script downloads.

Start your All-Access Pass

Buy just this tutorial for $10.00

Previous Chapter

Next Chapter

With a Subscription, click any sentence in the script to jump to that part of the video!

Friends, I think it's finally time to store the uploaded files up... in the cloud. We're going to use Amazon S3. But thanks to Flysystem, we could easily use a different service - they have a bunch of adapters. Google again for OneupFlysystemBundle... and click into their docs so we can see how to implement the s3 adapter. Search for S3 and... there it is.

Configuring the AWS S3 Adapter

The first thing we need is this aws/aws-sdk-php package. Copy that, move over to your terminal and run:

composer require "aws/aws-sdk-php:^3.87"

Creating the S3 Bucket

While we're waiting for that, let's create the S3 bucket that will store our stuff! I'm already logged into the S3 section of AWS. Click "Create bucket" and let's call it sfcasts-spacebar. Choose whatever region makes sense for you - but remember that, because you'll need it later.

On the next screen, if you need encryption or logging or any of these things, check them. But we'll just click next again to get to permissions. There are a few things we need to do here. First, uncheck the two top boxes for "Block new public ACLs" and "Remove public access granted through public ACLs". By unchecking these boxes, we can now have private files and public files all in the same bucket. Click "Next" again and then "Create bucket".

IAM Permissions

Awesome! Bucket done! To be able to actually access this bucket... I'm going to open an new tab for the IAM service. Click "Users" and add a new user. Let's call it: sfcasts-spacebar-s3-access.

Okay. Check yes for "programmatic access", but don't check console access. This user will exist solely so we can use its credentials in our app to talk to S3.

For permissions, this is always the tricky part, at least for me. There are a lot of existing "policies" that can grant different permissions to different services... I'm going to open another tab to IAM and click to create a new policy.

There's a builder to help create the policy... or you can click the JSON tab to do it yourself. So... what do we put here? Fortunately, Flysystem has our back. In its docs for AWS S3, scroll down and... nice! It gives us the IAM permissions we need! Copy that, go back, and paste. Tweak the bucket name to be our bucket name. Let's see... it's sfcasts-spacebar. Back on the policy, paste that in both spots.

{
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "Stmt1420044805001",
        "Effect": "Allow",
        "Action": [
            "s3:ListBucket",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:ReplicateObject",
            "s3:DeleteObject"
        ],
        "Resource": [
            "arn:aws:s3:::your-bucket-name",
            "arn:aws:s3:::your-bucket-name/*"
        ]
    }]
}

This policy basically gives the new user full access to this specific bucket. Click "Review policy" and give it a name, how about sfcasts-spacebar-full-s3-bucket-access. Ok, create policy!

With that done, close that tab and go back to the original IAM tab where we're creating our new user. Click the little refresh button and search for sfcasts. The second policy was from me testing this earlier. Check the first box and hit "Next". Skip the tags... looks good... and create user!

Congrats! The hardest part is over! This gives us two things we need: a key and a secret. Next: let's set these as environment variables in our app and configure Flysystem to talk to S3!

5 Comments

Sort By

Cameron 2 years ago

there's no AWS policy script in the "script" section sadly (for easy copy paste), and the flysystem website took it down - so it needs to be manually typed out.

| Reply |

Cameron Cameron 2 years ago edited

FYR if anyone who needs it:


{
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "Stmt1420044805001",
        "Effect": "Allow",
        "Action": [
            "s3:ListBucket",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:ReplicateObject",
            "s3:DeleteObject"
        ],
        "Resource": [
            "arn:aws:s3:::your-bucket-name",
            "arn:aws:s3:::your-bucket-name/*"
        ]
    }]
}

| Reply |

MolloKhan SFCASTS Cameron 2 years ago edited

Thank you Fox C. !
You're right, a code block would be convenient here

Cheers!

| Reply |

Sylvain C. 2 years ago

Hey Team ! thanks for this amazing tutorial.

Can you explain in few words the privacy access to bucket ?

I try to understand but it's my first time in this world.

When Ryan uncheck the two first items, it's because he only want access to the files only on his own website ? Not outside ?

How can I make my files accessible only to my logged in users?

Thanks again and again !!!

| Reply |

weaverryan SFCASTS Sylvain C. 2 years ago edited

Hey Sylvain C.!

Yes... this stuff can be tricky! Those 2 checkboxes are around 1:30 in the video (to help anyone else).

Here's how this works:

When you upload a file to S3, you can choose the exact permissions that you want on that file. This is called the ACL for that "object". You could make a file "public" (meaning that if you know the URL to that file, then anyone can access it) or "private" (meaning that if you know the URL to that file, then you still CANNOT access it, unless you are authenticated in some way - more on that in a minute).

The checkboxes activated a setting on the "bucket" level. If I had KEPT those both checked, and then I tried to upload a new file with "public ACL", I believe S3 would have rejected it because that public ACL would have violated my bucket settings.

The more important point is that, when you upload a file, you can set each file to be "public" or "private". If a file is public, it's easy! You could render a link to that file on your site and everything would work :).

> How can I make my files accessible only to my logged in users?

For this, you would upload your files and make them "private". Then, when you need to send/show a link to a user for that file, you generate a temporary "signed url" - we talk about that here: https://symfonycasts.com/sc...

Cheers!

| Reply |

This tutorial is built on Symfony 4 but works great in Symfony 5!

Symfony 4

What PHP libraries does this tutorial use?

// composer.json
{
    "require": {
        "php": "^7.1.3",
        "ext-iconv": "*",
        "aws/aws-sdk-php": "^3.87", // 3.87.10
        "composer/package-versions-deprecated": "^1.11", // 1.11.99
        "doctrine/annotations": "^1.0", // 1.10.1
        "doctrine/doctrine-bundle": "^1.6.10", // 1.10.2
        "doctrine/doctrine-migrations-bundle": "^1.3|^2.0", // v2.0.0
        "doctrine/orm": "^2.5.11", // v2.7.2
        "knplabs/knp-markdown-bundle": "^1.7", // 1.7.1
        "knplabs/knp-paginator-bundle": "^2.7", // v2.8.0
        "knplabs/knp-time-bundle": "^1.8", // 1.9.0
        "league/flysystem-aws-s3-v3": "^1.0", // 1.0.22
        "league/flysystem-cached-adapter": "^1.0", // 1.0.9
        "liip/imagine-bundle": "^2.1", // 2.1.0
        "nexylan/slack-bundle": "^2.0,<2.2.0", // v2.1.0
        "oneup/flysystem-bundle": "^3.0", // 3.0.3
        "php-http/guzzle6-adapter": "^1.1", // v1.1.1
        "phpdocumentor/reflection-docblock": "^3.0|^4.0", // 4.3.0
        "sensio/framework-extra-bundle": "^5.1", // v5.2.4
        "stof/doctrine-extensions-bundle": "^1.3", // v1.3.0
        "symfony/asset": "^4.0", // v4.2.3
        "symfony/console": "^4.0", // v4.2.3
        "symfony/flex": "^1.9", // v1.21.6
        "symfony/form": "^4.0", // v4.2.3
        "symfony/framework-bundle": "^4.0", // v4.2.3
        "symfony/property-access": "4.2.*", // v4.2.3
        "symfony/property-info": "4.2.*", // v4.2.3
        "symfony/security-bundle": "^4.0", // v4.2.3
        "symfony/serializer": "4.2.*", // v4.2.3
        "symfony/twig-bundle": "^4.0", // v4.2.3
        "symfony/validator": "^4.0", // v4.2.3
        "symfony/web-server-bundle": "^4.0", // v4.2.3
        "symfony/yaml": "^4.0", // v4.2.3
        "twig/extensions": "^1.5" // v1.5.4
    },
    "require-dev": {
        "doctrine/doctrine-fixtures-bundle": "^3.0", // 3.1.0
        "easycorp/easy-log-handler": "^1.0.2", // v1.0.7
        "fzaninotto/faker": "^1.7", // v1.8.0
        "symfony/debug-bundle": "^3.3|^4.0", // v4.2.3
        "symfony/dotenv": "^4.0", // v4.2.3
        "symfony/maker-bundle": "^1.0", // v1.11.3
        "symfony/monolog-bundle": "^3.0", // v3.3.1
        "symfony/phpunit-bridge": "^3.3|^4.0", // v4.2.3
        "symfony/stopwatch": "4.2.*", // v4.2.3
        "symfony/var-dumper": "^3.3|^4.0", // v4.2.3
        "symfony/web-profiler-bundle": "4.2.*" // v4.2.3
    }
}

Previous Chapter

Next Chapter

Configuring S3 Bucket & IAM User

Share this awesome video!

Keep on Learning!

Configuring the AWS S3 Adapter

Creating the S3 Bucket

IAM Permissions

5 Comments

Delete comment?

What PHP libraries does this tutorial use?