Yandex Object Storage

A few years later, I again faced the same task, but the customer insisted on domestic cloud storage.

Below I will tell you a little about what signed links are, how to switch to Yandex Object Storage (YOS), and why YOS and AWS S3 are one and the same!

Client/server optimization when working with binary files

Fig 1 - Options for uploading files to the cloud with a client-server architecture — Fig 1 – Options for uploading files to the cloud with a client-server architecture

What are signed links?

This is a URL containing data for request authorization in its parameters.

That is, for sending any binary file to a specific link, it will be automatically uploaded to the cloud after validating the parameters from the url.

What is the advantage?

In the case of the classical architecture, the user first uploads the file to the client, then the client sends a request with the file in the body to the server, and only after that the server sends the same file to the cloud.

It turns out that we load one file from one structure element to another 3 times.
Of course, if the file is small in size, then there will be no downtime, and the server will not be heavily loaded.
But what if it’s a long video, in good resolution???

In the case of signed links, the file is downloaded directly from the client to the cloud, bypassing the server.

Accordingly, it turns out that the download takes place only 2 times from the user to the client, and from the client to the cloud. We reduce the operating time of 1 operation by + – 1.5 times.

I started working on the task itself from registering on Yandex Cloud, the glory is that the concept is the same as that of AWS.

Fig 2 - Cloud creation interface on YOS — Fig 2 – Cloud creation interface on YOS

We add a “Service account” – in other words, a digital user containing static and private access keys. For a service account, you can specify its roles in the directory, thus separating access areas when working with YOS.

Important: After creating a service account, don’t forget to add a static access key to it and save them!

Fig 3 - Service account creation interface — Fig 3 – Service account creation interface

On this, consider that the work with the site is over, then there will be code, code and code again.

AWS SDK and Yandex Object Storage

Thinking about the technical implementation, I figured that the essence of the signed url from the storage location does not change. And after all, I was right, having looked in the documentation of AWS S3 and YOS how the link is generated, I did not notice any differences.

Here it was decided to use the already familiar SDK for NodeJS from Amazon.

Initialized AWS, registered all keys in .env, and Yandex has only 1 region – ru-central1

import AWS from 'aws-sdk';
import { AWS_REGION, AWS_USER_KEY, AWS_USER_SECRET_KEY } from '../../config';

const accessKeyId = AWS_USER_KEY;
const secretAccessKey = AWS_USER_SECRET_KEY;

AWS.config.update({ region: AWS_REGION, accessKeyId, secretAccessKey });

export default AWS;

const client = new aws.S3({
  endpoint: 'https://storage.yandexcloud.net',
});

The task is the need to receive a signed link by which the client can upload the file to the cloud, and this is what he implemented.

export const getSignedUrl = async ({ type }: GetSignedUrlInput): Promise<GetSignedUrlResponse> => {
  const action = 'putObject';
  let objectKey = cuid();

  let params = {
    Bucket: AWS_BUCKET_NAME,
    Key: `${objectKey}.${mime.extension(type)}`,
    ContentType: type,
    Expires: Number(SIGN_URL_EXPIRES),
    ACL: 'public-read',
  };

  const signedURL: string = await new Promise((resolve, reject) => {
    client.getSignedUrl(action, params, (err, url) => {
      if (err) {
        reject(err);
      } else {
        resolve(url);
      }
    });
  });

  return { signedURL, objectURL: `https://${AWS_BUCKET_NAME}.storage.yandexcloud.net/${params.Key}`, expensive: params.Expires };
};

Now let me explain what is happening here: