Warning
You should not change the type of storage post-installation. Your files will not be moved to the new storage automatically. You'd need to copy them over manually.
Note
For the purposes of this documentation, private content refers to project files, packages, etc. while public content refers to the style and logic files (CSS, JS, etc.) required for Kaplan Cloud to function in users' web browsers.
Local file storage does not require additional configuration. Static files, which are needed for the app to function are stored at $PROJECT_DIR/staticfiles. Project files, packages and others are stored at $PROJECT_DIR/kaplancloudapp/projects.
Note
Kaplan Cloud depends on django-storages to offer Google Cloud Storage support.
Create a bucket (Create a new bucket) and make sure to set control to Fine-grained (Choose between uniform and fine-grained access). You will set the environment variables
GS_PUBLIC_BUCKET_NAME
andGS_PRIVATE_BUCKET_NAME
to the name of this bucket.Note
For your public content to be actually public, you'll need to set the environment variable
GS_DEFAULT_ACL
topublic-read
. This will not affect your private content.Create a service account and make sure it has read and write access to your bucket (Creating a Service Account).
Create and download an access key for your service account. You will set the environment variable
GOOGLE_APPLICATION_CREDENTIALS
to the path to this key file.
Note
By default, public content will be saved under the /static directory, while
private content will be saved under the /kaplancloudapp/projects directory.
You can change these directories by setting the environment variables
GS_PUBLIC_BUCKET_LOCATION
and GS_PRIVATE_BUCKET_LOCATION
Note
Kaplan Cloud depends on django-storages to offer S3 support.
Create the public bucket (Creating a bucket). Make sure to uncheck Block all public access. You will set the environment variable
S3_PUBLIC_BUCKET
to the name of the bucket, andS3_REGION_NAME
to the bucket's region.Edit the bucket's policy to allow anonymous read access (Using bucket policies). Below is a policy example, change
mypublicbucket
to the name of your bucket:{ "Version": "2012-10-17", "Statement": [ { "Sid": "PublicRead", "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject", "s3:GetObjectVersion" ], "Resource": [ "arn:aws:s3:::mypublicbucket/*" ] } ] }
Create the private bucket (Creating a bucket). You will set the environment variable
S3_PRIVATE_BUCKET
to the name of this bucket.Head over to IAM and create a policy with full access to these buckets. Change
arn:aws:s3:::myprivatebucket
andarn:aws:s3:::mypublicbucket
to the names of your buckets (AWS IAM Docs).{ "Version": "2012-10-17", "Statement": [ { "Sid": "KaplanCloudBuckets", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObjectAcl", "s3:GetObject", "s3:ListBucket", "s3:DeleteObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::myprivatebucket/*", "arn:aws:s3:::myprivatebucket", "arn:aws:s3:::mypublicbucket/*", "arn:aws:s3:::mypublicbucket" ] } ] }
Under Users, create a user for Access key - Programmatic access and attach the policy we created at the previous step (Creating IAM users).
At the final step, you will be presented with your credentials. You'll set the environment variable
S3_ACCESS_KEY_ID
to Access key ID, andS3_SECRET_ACCESS_KEY
to Secret access key.
Note
By default, static files will be saved under /static in the public bucket,
and project files will be saved under the root directory of the private
bucket. You can change these directories by setting the environment variables
S3_PUBLIC_BUCKET_LOCATION
and S3_PRIVATE_BUCKET_LOCATION
Create a new bucket with ACL enabled and Block all public access unticked (Creating a bucket). You will set the environment variables
S3_PRIVATE_BUCKET
andS3_PUBLIC_BUCKET
to the name of this bucket.Note
For your public content to be actually public, you'll need to set the environment variable
S3_DEFAULT_ACL
topublic-read
. This will not affect your private content.Head over to IAM and create a policy with full access to this bucket. Change
arn:aws:s3:::mybucket
to the name of your bucket (AWS IAM Docs).{ "Version": "2012-10-17", "Statement": [ { "Sid": "KaplanCloudBucket", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObjectAcl", "s3:GetObject", "s3:ListBucket", "s3:DeleteObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::mybucket/*", "arn:aws:s3:::mybucket" ] } ] }
Under Users, create a user for Access key - Programmatic access and attach the policy we created at the previous step (Creating IAM users).
At the final step, you will be presented with your credentials. You'll set the environment variable
S3_ACCESS_KEY_ID
to Access key ID, andS3_SECRET_ACCESS_KEY
to Secret access key.
Note
By default, public content will be saved under the /static directory, while
private content will be saved under the /kaplancloudapp/projects directory.
You can change these directories by setting the environment variables
S3_PUBLIC_BUCKET_LOCATION
and S3_PRIVATE_BUCKET_LOCATION