Buckets
Organize and configure storage containers for your files.
Overview
Buckets are containers that organize your files with configurable access policies:
- Define access levels (public, private, protected)
- Set file size limits
- Configure allowed file types
- Projectly security policies
Creating a Bucket
Navigate to Storage
Go to the Storage section in your project dashboard.
Click New Bucket
Click the "New Bucket" button.
Configure Bucket
Set the bucket name, visibility, and options.
Save Bucket
Click "Create" to create the bucket.
Bucket Types
| Type | Access | Use Case |
|---|---|---|
| Public | Anyone can read | Public images, assets, downloads |
| Private | Authenticated users only | User uploads, documents |
| Protected | Custom RLS policies | Complex access requirements |
Bucket Configuration
| Option | Description | Default |
|---|---|---|
| Name | Unique bucket identifier | Required |
| Public | Allow unauthenticated access | false |
| File Size Limit | Maximum file size in bytes | 50MB |
| Allowed MIME Types | Restrict file types | All types |
Create Bucket via API
// JavaScript/TypeScript
const response = await fetch('https://your-project.dypai.io/storage/v1/bucket', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + serviceRoleKey
},
body: JSON.stringify({
name: 'avatars',
public: true,
file_size_limit: 5242880, // 5MB in bytes
allowed_mime_types: ['image/png', 'image/jpeg', 'image/webp']
})
});
const bucket = await response.json();
console.log('Bucket created:', bucket.name);Creating buckets requires the service role key with admin privileges.
List Buckets
// Get all buckets
const response = await fetch('https://your-project.dypai.io/storage/v1/bucket', {
headers: {
'Authorization': 'Bearer ' + accessToken
}
});
const buckets = await response.json();
buckets.forEach(bucket => {
console.log(bucket.name, bucket.public ? 'public' : 'private');
});Update Bucket
// Update bucket configuration
const response = await fetch('https://your-project.dypai.io/storage/v1/bucket/avatars', {
method: 'PUT',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + serviceRoleKey
},
body: JSON.stringify({
public: false,
file_size_limit: 10485760, // 10MB
allowed_mime_types: ['image/*']
})
});Delete Bucket
// Delete a bucket (must be empty)
const response = await fetch('https://your-project.dypai.io/storage/v1/bucket/old-bucket', {
method: 'DELETE',
headers: {
'Authorization': 'Bearer ' + serviceRoleKey
}
});Buckets must be empty before deletion. Delete all files first.
Empty a Bucket
// Empty all files in a bucket
const response = await fetch('https://your-project.dypai.io/storage/v1/bucket/temp-files/empty', {
method: 'POST',
headers: {
'Authorization': 'Bearer ' + serviceRoleKey
}
});Emptying a bucket permanently deletes all files. This action cannot be undone.
Bucket Policies
Create RLS policies for fine-grained access control:
-- Allow users to upload to their own folder
CREATE POLICY "Users can upload to own folder"
ON storage.objects FOR INSERT
TO authenticated
WITH CHECK (
bucket_id = 'avatars' AND
(storage.foldername(name))[1] = auth.uid()::text
);
-- Allow users to read their own files
CREATE POLICY "Users can read own files"
ON storage.objects FOR SELECT
TO authenticated
USING (
bucket_id = 'avatars' AND
(storage.foldername(name))[1] = auth.uid()::text
);
-- Public read access for avatars
CREATE POLICY "Public avatar access"
ON storage.objects FOR SELECT
TO public
USING (bucket_id = 'avatars');Common Bucket Patterns
User Avatars
{
"name": "avatars",
"public": true,
"file_size_limit": 2097152, // 2MB
"allowed_mime_types": ["image/png", "image/jpeg", "image/webp"]
}Private Documents
{
"name": "documents",
"public": false,
"file_size_limit": 52428800, // 50MB
"allowed_mime_types": ["application/pdf", "application/msword"]
}Media Uploads
{
"name": "media",
"public": true,
"file_size_limit": 104857600, // 100MB
"allowed_mime_types": ["image/*", "video/*", "audio/*"]
}