Login
November 20, 2024|
Voiced by Amazon Polly |
Overview
This blog provides a comprehensive guide about setting up Strapi, which happens to be a headless CMS, on AWS without needing to get direct access to AWS IAM roles. So, even if you don’t have the necessary Identity and Access Management (IAM) permissions, you can still install Strapi on different AWS services, such as Amazon EC2 while using Amazon S3 for media storage and Amazon RDS to manage your databases. The blog walks you through the steps for installing Strapi locally, how to link it to the required AWS services, then deploying it on AWS with either Amazon Elastic Beanstalk or Amazon EC2, plus how to keep your sensitive information safe by using some environment variables. With these methods, you’ll get to create a fully functional CMS system on AWS, including configuration tips and best practices, which is a bonus.
Pioneers in Cloud Consulting & Migration Services
- Reduced infrastructural costs
- Accelerated application deployment
Prerequisites
- AWS Account: You should have at least some access to AWS, even if you lack AWS IAM role permissions. Ensure you have basic access and can work with AWS services like Amazon EC2, Amazon S3, and Amazon RDS.
- Node.js and npm are installed on your computer.
- Strapi CLI installed (globally): npm install strapi@latest –g
Setting Up Strapi on Your Local Machine
First, let’s install Strapi on your local machine and configure it with Postgres (I am using this for my project) or use SQLite ( the default database).
Use the below code to create a new Strapi project.
|
1 |
npx create-strapi-app@latest my-project --quickstart |
Once Strapi is set up, you can run it locally:
|
1 |
cd my-project |
Use the above command to go to your directory and run the below command to start the Strapi project.
|
1 |
npm run develop |
Check to see if Strapi is up and running on http://localhost:1337.
If your Strapi started properly, this page should appear.
Now that Strapi runs on your local machine, it’s time to take it to AWS.
Hosting Options Without IAM Role Access
You must look for other hosting options when you don’t have AWS IAM role access. Here are three popular ways to host Strapi on AWS without needing direct AWS IAM access:
- Amazon Elastic Beanstalk
- AWS Lightsail
- AmazonEC2 Instances (I am using EC2 Instances to host Strapi.)
If you have access to access Amazon EC2 without IAM role permissions, you can also deploy Strapi on Amazon EC2. You can set up and manage the instance manually:
- Launch a new Amazon EC2 instance with Ubuntu or Amazon Linux.
- Use your SSH key to connect to it.
- Use the below command to install Nodejs.
|
1 2 3 |
sudo yum update sudo yum install nodejs npm |
- Move Your Strapi Project: Use SCP to copy your local Strapi project files to the Amazon EC2 instance.
- Run Strapi: Set up the necessary dependencies and run the app on the server.
Connecting to AWS Services
You can still use AWS services like Amazon S3 to store media and Amazon RDS to handle databases.
a. Amazon S3 Bucket for Media Storage
You can set up Strapi to work with Amazon S3 for storing media files:
1. Install S3 Provider for Strapi: use the below command
|
1 |
npm install @strapi/provider-upload-aws-s3 |
b. Configure the Provider in your config/plugins.js file:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
module.exports = ({ env }) => ({ upload: { config: { provider: "aws-s3", providerOptions: { s3Options: { region: env("AWS_REGION"), params: { Bucket: env("AWS_BUCKET"), ACL: env("AWS_ACL", "public-read"), signedUrlExpires: env("AWS_SIGNED_URL_EXPIRES", 15 * 60), }, credentials: { accessKeyId: env("AWS_ACCESS_KEY_ID"), secretAccessKey: env("AWS_ACCESS_SECRET"), }, }, }, actionOptions: { upload: {}, uploadStream: {}, delete: {}, }, }, }, }); |
Configure the Provider in your config/middlewares.js file:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
module.exports = [ 'strapi::errors', /* Replace 'strapi::security', with this snippet */ { name: 'strapi::security', config: { contentSecurityPolicy: { useDefaults: true, directives: { 'connect-src': ["'self'", 'https:'], 'img-src': [ "'self'", 'data:', 'blob:', 'dl.airtable.com', 'your-bucket-name.s3.your-region.amazonaws.com', ], 'media-src': [ "'self'", 'data:', 'blob:', 'dl.airtable.com', 'your-bucket-name.s3.your-region.amazonaws.com', ], upgradeInsecureRequests: null, }, }, }, }, /* End of snippet */ 'strapi::cors', 'strapi::poweredBy', 'strapi::logger', 'strapi::query', 'strapi::body', 'strapi::session', 'strapi::favicon', 'strapi::public', ]; |
c. Connecting to an Amazon RDS Database
If you are using Amazon RDS for your database:
- Create an RDS instance from the AWS console (MySQL or PostgreSQL).
- Set up Strapi to connect to Amazon RDS in the config/database.js file:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
module.exports = ({ env }) => { const client = env('DATABASE_CLIENT', 'postgres'); const connections = { postgres: { connection: { connectionString: env('DATABASE_URL'), host: env('DATABASE_HOST', 'localhost'), port: env.int('DATABASE_PORT', 5432), database: env('DATABASE_NAME', 'strapi'), user: env('DATABASE_USERNAME', 'strapi'), password: env('DATABASE_PASSWORD', 'strapi'), }, schema: env('DATABASE_SCHEMA', 'public'), }, } }; |
Security Tips
Conclusion
Even if you don’t have direct AWS IAM role access, deploying Strapi on AWS. Using AWS access keys and proper configurations, you can connect your Strapi application to critical AWS services like Amazon S3 and Amazon RDS, ensuring your CMS is fully operational. By carefully following best practices around security and deployment, you can effectively implement Strapi on AWS without requiring AWS IAM role access.
Drop a query if you have any questions regarding Strapi on AWS and we will get back to you quickly.
Making IT Networks Enterprise-ready – Cloud Management Services
- Accelerated cloud migration
- End-to-end view of the cloud environment
About CloudThat
CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.
CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner, Amazon CloudFront and many more.
To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.
FAQs
1. Does Strapi require AWS IAM role permissions to be deployed on AWS?
ANS: – Yes. You can use AWS services like Amazon EC2, Amazon Lightsail, or Amazon Elastic Beanstalk, where you can use environment-based permissions or access keys to handle deployments rather than AWS IAM roles.
2. How can I store media files on Amazon S3 if I don't have an AWS IAM role?
ANS: – By installing the Amazon S3 provider and inserting the access keys in the config/plugins.js file, Strapi can be set up to use Amazon S3, enabling safe media storage.
WRITTEN BY Akanksha Choudhary
Akanksha Choudhary works as a Research Intern at CloudThat and is passionate about AI and technology.
PREV
Comments