Amazon S3

Amazon Simple Storage Service (Amazon S3) is AWS’s object storage platform designed for highly durable, scalable, and secure file storage.

KraftAdmin includes a built-in S3 storage provider that uploads assets directly to your configured S3 bucket while keeping the core library independent of the AWS SDK.

S3 is recommended for production systems that require scalable storage, redundancy, and integration with other AWS services.

Why Amazon S3?

Amazon S3 is one of the most widely used cloud storage platforms in the world.

It offers:

  • Virtually unlimited storage
  • High durability
  • Automatic redundancy
  • Global availability
  • Secure HTTPS access
  • Fine-grained access control
  • Lifecycle management
  • Seamless integration with AWS services
  • CDN support through Amazon CloudFront

Instead of storing uploaded files on your application server, KraftAdmin uploads them directly to your S3 bucket.

How It Works

Browser
      │
      â–¼
KraftAdmin
      │
      â–¼
S3Adapter
      │
      â–¼
Amazon S3
      │
      â–¼
Bucket
      │
      â–¼
Public File URL

Once uploaded, the generated S3 URL is stored in your entity.

Example:

https://my-company-assets.s3.amazonaws.com/users/4db7f21a.jpg

Zero Compile Dependency

Like the Cloudinary provider, the S3 adapter avoids introducing mandatory AWS dependencies into KraftAdmin.

The adapter communicates with the AWS SDK using Java reflection.

This means:

  • KraftAdmin does not depend directly on the AWS SDK.
  • Applications that already use the AWS SDK work immediately.
  • Applications not using S3 do not carry unnecessary dependencies.

Creating the Provider

Pass your configured AWS S3Client together with the bucket name.

val storage = S3Adapter(
    s3Client = s3Client,
    bucketName = "my-company-assets"
)

Upload Process

When a file is uploaded, KraftAdmin:

  1. receives the uploaded bytes
  2. generates a unique filename
  3. uploads the object into the configured bucket
  4. returns the public file URL

The generated object key follows this pattern:

<context>/<uuid>.<extension>

For example:

users/3e8f21c5.png

or

products/81c9d62f.pdf

Folder Organization

Every upload is organized using a context.

Example contexts include:

users
products
blog-posts
documents

Resulting bucket structure:

my-company-assets
│
├── users/
│     avatar.png
│
├── products/
│     manual.pdf
│
└── blog-posts/
      banner.jpg

This makes assets easy to browse inside the AWS Console.

Generated URLs

After a successful upload, KraftAdmin returns the object’s public URL.

Example:

https://my-company-assets.s3.amazonaws.com/products/manual.pdf

This URL is stored directly in the entity.

Updating Files

Replacing an existing file follows a simple lifecycle.

Existing File
       │
       â–¼
Delete Old Object
       │
       â–¼
Upload New Object
       │
       â–¼
Store New URL

This ensures that obsolete files do not remain in your bucket unnecessarily.

Deleting Files

When an entity is deleted, KraftAdmin removes the associated object from Amazon S3.

The adapter extracts the object key from the stored URL before issuing a delete request.

Example URL:

https://my-company-assets.s3.amazonaws.com/users/avatar.png

Extracted object key:

users/avatar.png

The object is then permanently removed from the bucket.

Ownership Detection

The S3 provider only manages files belonging to its configured bucket.

For example:

https://my-company-assets.s3.amazonaws.com/profile.png

belongs to this provider.

Whereas:

https://res.cloudinary.com/demo/image/upload/...

does not.

This prevents one storage provider from accidentally deleting files managed by another.

Bucket Configuration

The bucket should already exist before KraftAdmin uploads files.

Typical bucket configuration includes:

  • Public read access (if assets are publicly accessible)
  • Appropriate IAM permissions
  • HTTPS enabled
  • CORS configuration (if required)
  • Versioning (optional)
  • Lifecycle policies (optional)

KraftAdmin does not create buckets automatically.

AWS Permissions

The configured AWS credentials should allow the following operations:

  • PutObject
  • DeleteObject

If files need to be listed externally, additional permissions may be granted, but they are not required by KraftAdmin.

Integration Example

@Bean
fun storageProvider(
    s3Client: S3Client
): AdminStorageProvider {

    return S3Adapter(
        s3Client,
        "my-company-assets"
    )
}

Once registered, every upload generated by KraftAdmin is stored in the configured bucket.

Advantages

Amazon S3 provides:

  • Extremely high durability
  • Virtually unlimited storage
  • Global infrastructure
  • Strong security model
  • IAM integration
  • Lifecycle policies
  • Backup and recovery
  • CloudFront CDN support
  • Cost-effective long-term storage

Considerations

Unlike Local Storage, S3 is a managed cloud service.

Applications should consider:

  • Storage costs
  • Bandwidth costs
  • Request pricing
  • IAM configuration
  • Bucket security
  • Regional deployment

These trade-offs are typically worthwhile for production applications requiring scalable storage.

Best Use Cases

Amazon S3 is recommended for:

  • Enterprise applications
  • SaaS platforms
  • Large-scale administration systems
  • Multi-server deployments
  • Kubernetes environments
  • Applications hosted on AWS
  • High-volume media storage
  • Long-term document storage

Next Steps

  • Configure Local Storage
  • Configure Cloudinary Storage
  • Learn about file upload fields
  • Customize upload validation with FileConfig