Extension:AWS

When images are in S3:

1. Amazon EC2 instance which runs MediaWiki doesn't contain any important data^[1] and can be created/destroyed by Autoscaling.
2. Visitors download images directly from Amazon S3^[2] (which is fast), not from Amazon EC2 (where network performance depends on instance type, etc.).

AlternativesEdit

Instead of using Amazon S3 (and this extension), you can create an Amazon EFS drive and mount it to $wgUploadDirectory . It's recommended for small wikis.

For modern versions of MediaWiki (1.35+), use the following instruction:

1. Download the extension:

   git clone --depth 1 https://github.com/edwardspec/mediawiki-aws-s3.git AWS

2. Move the AWS directory to the "extensions" directory of your MediaWiki, e.g. /var/www/html/w/extensions (assuming MediaWiki is in /var/www/html/w).
3. Create the file /var/www/html/w/composer.local.json with the following contents:

   {
   	"extra": {
   		"merge-plugin": {
   			"include": [
   				"extensions/AWS/composer.json"
   			]
   		}
   	}
   }
   

4. Run composer update from /var/www/html/w (to download dependencies). If you don't have Composer installed, see Composer for how to install it.
5. Create an S3 bucket for images, e.g. wonderfulbali234.

   Note: this name will be seen in URL of images.

6. Authorize MediaWiki to access Amazon S3:
   1. If your EC2 instance has an IAM instance profile (recommended), copy everything from "Needed IAM permissions" (see below) to inline policy of the IAM role. See https://console.aws.amazon.com/iam/home#/roles
   2. If your EC2 instance doesn't have an IAM profile, obtain key/secret for AWS API. You'll need to write it in LocalSettings.php (see below).
7. Modify LocalSettings.php (see below).

See https://github.com/edwardspec/mediawiki-aws-s3/blob/master/README.md for more details.

Installation for older versions of MediaWikiEdit

See Extension:AWS/Installation for 1.27-1.34. These versions may still receive security fixes (if any), but not new features.

Step 1: configure LocalSettings.phpEdit

wfLoadExtension( 'AWS' );

// Configure AWS credentials.
// THIS IS NOT NEEDED if your EC2 instance has an IAM instance profile.
$wgAWSCredentials = [
	'key' => '<something>',
	'secret' => '<something>',
	'token' => false
];

$wgAWSRegion = 'us-east-1'; # Northern Virginia

// Replace <something> with the name of your S3 bucket, e.g. wonderfulbali234.
$wgAWSBucketName = "<something>";

// If you anticipate using several hundred buckets, one per wiki, then it's probably better to use one bucket
// with the top level subdirectory as the wiki's name, and permissions properly configured of course.
// While there are no more performance losses by using such a scheme, it might make things messy. Hence, it's
// still a good idea to use one bucket per wiki unless you are approaching your 1,000 bucket per account limit.
$wgAWSBucketTopSubdirectory = "/$wgDBname"; # leading slash is required

Step 2: needed IAM permissionsEdit

Visit the IAM Management Console - https://console.aws.amazon.com/iam/home - and add "Inline policy" to the IAM role of your Webserver.

Inline policy should contain (within the Statement array, as in this example) the following permissions (replace <something> with the name of your S3 bucket, e.g. wonderfulbali234):

{
        "Effect": "Allow",
        "Action": [
                "s3:*"
        ],
        "Resource": [
                "arn:aws:s3:::<something>/*"
        ]
},
{
        "Effect": "Allow",
        "Action": [
                "s3:Get*",
                "s3:List*"
        ],
        "Resource": [
                "arn:aws:s3:::<something>"
        ]
}

• https://github.com/edwardspec/mediawiki-aws-s3/issues

• WindowsAzureStorage