Amazon S3

UI Bakery allows you to easily connect to your Amazon S3 bucket with no need for additional layers (APIs or 3rd-party services).

Create an S3 bucket

Log in to your AWS console, go to the S3 page, and click create bucket button. Afterward, create your bucket in the region of your choice:

Allowing CORS for S3 file upload

If you are planning to use the "S3 file upload" component in UI Bakery, you set up CORS policies for your bucket.

Go to your bucket settings > Permissions, then scroll to "Cross-origin resource sharing (CORS)" section. For the cloud version of UI Bakery, add the following JSON:

    "AllowedOrigins": ["https://*"],
    "AllowedMethods": ["PUT", "POST", "DELETE"],
    "AllowedHeaders": ["*"]
    "AllowedOrigins": ["*"],
    "AllowedMethods": ["GET"]

If you use a self-hosted or managed version of UI Bakery on a custom domain, use the domain where you run your UI Bakery platform in the AllowedOrigins section. Usually, it equals the value of the UI_BAKERY_APP_SERVER_NAME environment variable.

Create IAM user credentials

After you have set up your bucket, you need to create IAM user that will be used to access your S3 data.

In S3 go to IAM > Users, and click Add Users button.

After entering the user name you will be prompted to set up the permissions of your IAM user. You can select Attach Policies Directly tab, and AmazonS3FullAccess from the list.

When running UI Bakery in the production, environment, we strongly recommend limiting IAM users' access to the exact bucket that user is allowed to access. For these purposes, you can use the ARN of the bucket you created in a custom policy you can create according to this AWS doc.

Generating Access Key Id and Secret key ID

Once a user is created, you need to create its credentials that could be used by UI Bakery. For these purposes, navigate to that particular user's settings > Security Credentials, then scroll down to Access Keys section:

When asked about the type of Access Key, select third-party application:

After Access key ID and the Secret access key ID are created, copy them since they will be used when configuring S3 data source later.


  1. Go to the Data sources page – Connect – Choose AWS S3.

  2. Give your data source a name.

  3. Specify the Access key ID and the Secret access key ID.

  4. If you are using an assumed role, specify the Role to assume (ARN).

  5. Click Test connection to check whether the data source can be connected. When the connection is successful, click Connect Data source.

  6. You can also specify the Default bucket name, this value can be overridden in an action or S3 Uploader component.

The following guides might help you:

pageS3 querypageS3 compatible endpoints (DigitalOceans spaces)pageUpload files to Amazon S3

Last updated