Configuring an Amazon S3 Bucket
The server form is organized into sections:
Server Details
Enter your Bucket name and the region where it is hosted.
Authentication
Enter your Access ID and Secret Key.
Path Prefix
If you want to upload your files to a different folder from your Bucket's root directory, enter the directory in the Path Prefix.
S3 Request Headers
Within the S3 Request Headers section, you can configure specific metadata to send along with files matching a given pattern.
You may, for example, wish to send a Cache-Control header for all files, or a Content-Disposition header for all files of a certain type or even in a certain directory, to force them to be downloaded rather than rendered inline in the end-user's browser.
Add as many files as you like within this section, starting with the Header Key and Header Value, followed by a pattern.
S3 server-side encryption
As of January 5, 2023, all new object uploads to Amazon S3 are automatically encrypted with SSE-S3 (Amazon S3 managed keys) at no additional cost. This means your files are automatically encrypted when deployed to S3 buckets without requiring any additional configuration.
However, depending on your business requirements, you might need to use a specific encryption method or comply with particular bucket policies. In these cases, you can add the x-amz-server-side-encryption header to your DeployHQ configuration:
- For SSE-S3 (default):
x-amz-server-side-encryption: AES256 - For SSE-KMS:
x-amz-server-side-encryption: aws:kms - For SSE-C: Use
x-amz-server-side-encryption: AES256with additional customer-provided key headers
More information on S3 encryption options can be found here.