GoLiveKit
Documentation
StorageProviders

AWS S3 Storage

Configure and use AWS S3 for your file uploads.

Follow these steps to configure your AWS S3 bucket and acquire the necessary environment variables to enable file uploads.

Create an S3 Bucket

  1. Sign in to your AWS Management Console.
  2. Go to the S3 service and click Create bucket.
  3. Choose a unique Bucket name and note the AWS Region (e.g., us-east-1).
  4. Uncheck Block all public access if you intend the files to be publicly readable (or manage via bucket policies later).
  5. Click Create bucket.

Configure CORS

Because files are uploaded directly from the browser using presigned URLs, you must configure CORS (Cross-Origin Resource Sharing).

  1. Go to your new bucket's Permissions tab.
  2. Scroll down to Cross-origin resource sharing (CORS) and click Edit.
  3. Add the following JSON configuration (adjust AllowedOrigins for production):
[
    {
        "AllowedHeaders": ["*"],
        "AllowedMethods": ["GET", "PUT", "POST", "HEAD"],
        "AllowedOrigins": ["*"],
        "ExposeHeaders": []
    }
]

Create an IAM User for Access

To safely access your bucket, create a dedicated IAM user instead of using root credentials.

  1. Go to the IAM Console.
  2. Go to Users -> Create user.
  3. Name the user (e.g., golivekit-uploader) and proceed.
  4. Under permissions, select Attach policies directly.
  5. Click Create policy, switch to the JSON editor, and use this policy (replace YOUR-BUCKET-NAME):
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::YOUR-BUCKET-NAME",
        "arn:aws:s3:::YOUR-BUCKET-NAME/*"
      ]
    }
  ]
}
  1. Finish creating the user with this attached policy.

Generate Access Keys

  1. Open your newly created IAM user.
  2. Go to the Security credentials tab.
  3. Scroll to Access keys and click Create access key.
  4. Choose Application running outside AWS and proceed.
  5. Copy your Access key ID and Secret access key. Keep the window open until you paste them, as the secret key relates only once.

Update your .env

Fill in your .env file with the gathered credentials.

.env
S3_REGION=us-east-1
S3_BUCKET=your-bucket-name
S3_ACCESS_KEY_ID=your-copied-access-key-id
S3_SECRET_ACCESS_KEY=your-copied-secret-access-key
# S3_ENDPOINT is not required for AWS S3

Cloudflare R2 Storage

Configure and use Cloudflare R2 to host your file uploads with zero egress fees.

Overview

Learn how to use analytics in GoLiveKit.

On this page

Create an S3 BucketConfigure CORSCreate an IAM User for AccessGenerate Access KeysUpdate your .env