Configure Amazon S3 for Rocket.Chat File Sharing

This article is for those looking for a detailed and clear guide on how to configure Amazon S3 for Rocket.Chat file sharing.

Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript for organizations with high standards of data protection.

NOTE

For details on installing Rocket.Chat on Ubuntu Server, read my guide: Install Rocket.Chat on Ubuntu Server.

IMPORTANT

You must have an account with administrator rights to Amazon Web Services.

IMPORTANT

To set up file sharing, you need to have administrator rights in Rocket.Chat.

First, let’s create a bucket using Amazon S3. It will allow you to store files that Rocket.Chat users will exchange.

Go to the Amazon S3 Console, sign in with an account that has administrator rights (if necessary), and click the “Create bucket” button.

In the “Bucket name” field, specify a unique DNS-compatible name for the bucket.

Note a few important things when creating a new bucket name:

• The bucket name must be unique across all existing buckets in Amazon S3.
• Once the basket is created, you cannot change its name.
• Choose a bucket name that reflects the purpose of the items you plan to store in it. This is important because the bucket name appears in the URL that points to the items in it.

NOTE

This tutorial will use “rocketchat-heyvaldemar” as the bucket name.

In the “Region” field, indicate the desired region in which the basket will be created.

Click on the “Create” button.

The cart has been successfully created.

Now you need to configure the access rights to the basket so that Rocket.Chat users can share files using this basket.

We select the previously created basket.

Go to the “Permissions” tab, then select “CORS configuration”.

Next, we insert the following configuration for the basket to work.

NOTE

In this guide, you will use the rocketchat.heyvaldemar.net subdomain to access Rocket.Chat from the Internet. You will need to specify your domain or subdomain by which Rocket.Chat will be accessible from the Internet.

Click on the “Save” button.

The changes were saved successfully.

Now you need to create a policy to access the previously created S3 bucket.

Click on the “Services” button and select “IAM” in the “Security, Identity & Compliance” section.

Next, go to the “Policies” section and click on the “Create policy” button.

Go to the “JSON” tab.

Insert the following parameters for the policy.

This guide uses “rocketchat-heyvaldemar” as the bucket name. You will need to provide your cart name.

Click on the “Review policy” button.

In the “Name” field, specify the name for the new policy and click on the “Create Policy” button.

NOTE

In this tutorial, “RocketChatFileUpload” will be used as the policy name to access the previously created bucket.

The policy has been successfully created.

Now you need to create a new user and assign him the previously created basket access policy. This user will be required to connect Rocket.Chat to S3 bucket.

Go to the “Users” section and click on the “Add users” button.

In the “User name” field, specify the name for the new user and click on the “Next: Permissions” button.

NOTE

In this manual, “rocketchat-upload” will be used as the username.

Next, select “Attach existing policies directly”.

In the search bar, specify the name of the previously created policy and in the search result, select the desired policy.

NOTE

In this tutorial, “RocketChatFileUpload” is used as the name of the policy to access the previously created bucket.

Click on the “Next: Tags” button.

In the next step, you do not have to make any changes.

Click on the “Next: Review” button.

Everything is ready to create a new user.

Click on the “Create user” button.

The user has been successfully created and has the necessary permissions to access the previously created S3 bucket.

Now you need to save the received “Access key ID” and “Secret access key”. This data will be needed to connect Rocket.Chat to a previously created basket.

Click on the “Show” button to display the contents of the “Secret access key” section and save the contents of the section to a safe place.

Click on the “Close” button.

The new user will appear in the “Users” section.

Now we need to find the code for the region in which the cart was created.

Visit the AWS documentation page and locate the appropriate region code in the “Region” column next to the “Region Name.” Make sure it matches the region where the bucket was created.

NOTE

In this manual, the bucket was created in the “EU (Frankfurt)” region, so the required region code value is “eu-central-1”.

Now you need to specify the parameters for connecting Rocket.Chat to the previously created basket.

Go to Rocket.Chat under an account with administrator rights, click on the icon with three dots in the upper left corner of the screen and select “Administration”.

Next, we find the “File Upload” section.

File Uploads Enabled must be set to True.

Protect Uploaded Files must be set to True.

File Uploads Enabled must be set to True.

The “Enable Json Web Tokens protection to file uploads” parameter must be set to “True”.

In the “Storage Type” field, select “AmazonS3”.

File Uploads Enabled in Direct Messages must be set to True.

Click on the “Save Changes” button.

Next, you need to specify the parameters in the “Amazon S3” subsection.

In the “Bucket name” field, specify the name of the previously created bucket.

In the “Access Key” field, specify the “Access key ID” obtained earlier after creating a user.

In the “Secret Key” field, enter the “Secret access key” obtained earlier after creating the user.

Enter the bucket region code—retrieved earlier from the AWS region list—into the “Region” field.

The “Proxy Avatars” parameter must be set to “True”.

Proxy Uploads must be True.

Click on the “Save Changes” button.

Now let’s upload a file from a computer to a common channel called IT in order to check the correctness of uploading files to Rocket.Chat using the Amazon S3 service.

Open a channel in Rocket.Chat, then in the lower right corner of the screen, click on the plus icon and select “Computer”.

Select the file you want to upload.

The file is ready to upload.

Click on the “Send” button.

The file has been uploaded successfully and is available to all members of the IT channel in Rocket.Chat.

Rocket.Chat users can now share files using the Amazon S3 service.

---

Social Channels#

• 🎬 YouTube
• 🐦 X (Twitter)
• 🎨 Instagram
• 🐘 Mastodon
• 🧵 Threads
• 🎸 Facebook
• 🧊 Bluesky
• 🎥 TikTok
• 💻 LinkedIn
• 📣 daily.dev Squad
• ✈️ Telegram
• 🐈 GitHub

---

Community of IT Experts#

• 👾 Discord

---

Is this content AI-generated?

No. Every article on this blog is written by me personally, drawing on decades of hands-on IT experience and a genuine passion for technology.

I use AI tools exclusively to help polish grammar and ensure my technical guidance is as clear as possible. However, the core ideas, strategic insights, and step-by-step solutions are entirely my own, born from real-world work.

Because of this human-and-AI partnership, some detection tools might flag this content. You can be confident, though, that the expertise is authentic. My goal is to share road-tested knowledge you can trust.