Navigation
  • Rules >
  • Amazon S3 Service Rules

Amazon S3 Service Rules

To use the Amazon S3 Service, you must specify rules to enable its actions. The rule must evaluate to true for the action to be enabled. Actions can be configured to be always enabled by specifying an empty document for your rule, {} , which evaluates to true.

Service Configuration

Before applying service rules, you must add the Amazon S3 service to your MongoDB Stitch application. For instructions on setting up your Amazon S3 service, see Amazon S3.

Specify a Rule

  1. Select the action(s) for which the rule applies.

  2. Specify a rule in valid JSON that evaluates to a boolean. The following are permitted in the rule document:

    {
      <field1>: <value1|expression1>,
      <field2>: <value2|expression2>,
      ...
    }
    

Amazon S3 Service Arguments

To specify a rule based on arguments:

{
  "%%args.<argument1>": <value1|expression1>,
  "%%args.<argument2>": <value1|expression2>,
  ...
}

Or, you can omit the %%args prefix if you do not specify any expansion prefixes for the fields.

{
  "<argument1>": <value1|expression1>,
  "<argument2>": <value1|expression2>,
  ...
}

However, you cannot mix arguments with prefixes and arguments without prefixes in the same rule. For example, the following rule is invalid:

{
  "%%args.to": "text@example.com",
  "from": "someone@example.com",
  ...
}

The following arguments are permitted in S3 service rules:

Field Type Description
bucket String The S3 bucket name.
key String The object key, or key name, which uniquely identifies the object in the bucket; i.e. the path to the object in the bucket.
acl String

The access control list (ACL) permissions. The value can be one of the following strings:

  • "private"
  • "public-read"
  • "public-read-write"
  • "aws-exec-read"
  • "authenticated-read"
  • "bucket-owner-read"
  • "bucket-owner-full-control"
contentType String The MIME type of the content, such as text/plain or audio/mpeg.

Example

Actions When
put
{
  "bucket" : { "%in": "%%values.mybuckets" },
  "contentType" : "text/plain"
}

The S3 rule ensures that applications can only perform a put action when the:

  • bucket is a string listed in mybuckets, where mybuckets is a user-defined constant. For more information on defining constants, see Values.
  • contentType is "text/plain".