Is anyone using s3 for user uploaded images? Would love to learn what folks are doing for node

There is an example on SST guide on how to upload frontend -> s3 using amplify • https://serverless-stack.com/chapters/review-our-app-architecture.html • https://serverless-stack.com/chapters/upload-a-file-to-s3.html But to upload from a backend to s3 you can use

aws-sdk

https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#upload-property

We are using nextjs for both backend and front-end, and we do have some api routes too. I think we have to use user credentials cause we use auth0 for the identification

Yeah like @Gabriel Araújo suggested, if you want users to be able to upload images directly to S3 (without proxying through Api, you can use Cognito Identity Pool to achieve this.

Sorry I should clarify - as it seems I may have miscommunicated the importance of the users uploading directly to s3. We already hit the api through our widget to save data. So we may as well attach image data to that too.

Check out this example of using Lambda to generate an S3 presigned url, and users can upload directly to S3 using it https://medium.com/@lakshmanLD/upload-file-to-s3-using-lambda-the-pre-signed-url-way-158f074cda6c

Would you say that option is needed even if the upload was done all through the backend? inside a lambda?

you could but this is not optimal... 1. The upload would take a while.. you first upload to your backend and then upload it to s3. 2. When using user credentials to talk to s3 you can use user identity pool info such as an ID to create policies for private/public folders using dynamic values in your policy. So IDK your use case but if you need to use aws to put the file/authorize suer folder access the best way is to use Identity Pool + IAM + S3. ◦ You can still do this manually using some logic in your backend and use a single credentials for AWS and use your backend with aws sdk but you'll have to do it manually if this is the use case ◦ You can use your backend to talk to s3 using aws sdk with user credentials.. make you backend generate aws sts credential to the user making the upload and make the upload. ◦ Use amplify + cognito identity pool + auth0 to allow users to directly make upload to s3 from the frontend. 3. You can have a single credentials "lets say backend credential" and make the upload yourself from backend to s3 and you'll have to handle user access to folders. Since there will be a single aws credential for "every user".

Thanks for the detailed explanation! A lot of what you said makes sense. To explain my use case a bit more, https://getfeedbackwidget.com/ That's my project. I'm hoping to add a screenshot functionality. It will grab a screenshot of the viewport as a base64 encoded data string of the image using the browser.

Yeah, you could send the image to Lambda and Lambda upload to S3. It will be slower, and you might have to special handle files larger than Lambda’s 6MB request payload limit.