The next step in the process of configuring Amazon S3 to work with a MongoDB Realm application is to add a bucket to contain all of the assets. For S3, a bucket is the topmost container used to store asset data - all files stored in a bucket have a unique path and can be accessed through URLs by the outside world (expiring or not).

Anatomy of a bucket

The directory structure underneath an Amazon S3 bucket used to with the Cosync Storage module is organized as follows. The topmost directories directly underneath the bucket will be named with the Realm user Id of the user who uploaded the asset to the bucket. There is also a public directory used to store non-expiring public assets. This public directory in turn has subdirectories for each user Id of the user who uploads a public asset.

Underneath every user directory, the developer can specify an arbitrary path like /avatar. For example, if user with user Id equal to 5ff481a161c490458f8e2c3f uploaded an asset called mugshot.jpg to a path called /avatar, the Cosync Storage module would create cuts with a time stamp included as follows - the time stamp is 1609859729341. Similarly if a user with user Id equal to cb6b7d76cb515cc07557b8a6 were to upload a non-expiring public asset to the path /backgrounds, the resulting asset would be placed under the public branch as shown below.

CosyncStorageBucket
├── 5ff481a161c490458f8e2c3f
│   └── avatar
│       ├── mugshot-1609859729341.jpg
│       ├── mugshot-large-1609859729341.jpg
│       ├── mugshot-medium-1609859729341.jpg
│       └── mugshot-small-1609859729341.jpg
└── public
    ├── 5ff481a161c490458f8e2c3f
    └── cb6b7d76cb515cc07557b8a6
        └── backgrounds
            ├── texture-1609859729348.jpg
            ├── texture-large-1609859729348.jpg
            ├── texture-medium-1609859729348.jpg
            └── texture-small-1609859729348.jpg

Add a bucket to Amazon S3

Adding a bucket to Amazon S3 is very easy. To do so, the developer must first go to S3 page within the AWS Console and hit Create Bucket. The bucket name must be lowercase.

Before the bucket is created, the developer must uncheck Block all public access to make the assets in the bucket accessible to the MongoDB Realm Application. After the bucket is created, the developer must click on the bucket and go to the Permissions tab and edit the bucket policy. The developer must change with their bucket name as needed.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<name of bucket>/public/*"
        }
    ]
}

In practice this looks like this:

Once the bucket policy has been set, the developer is ready to integrate the Amazon S3 bucket into the MongoDB Realm Application using the Cosync Storage module.

Region Code

The region code for the AWS S3 bucket can be retrieved directly from the list of buckets. In the example below, the region code for the bucket cosyncstoragetest is us-east-1.