Setting up Yandex Object Storage for 1C-Bitrix

Configuration of Yandex Object Storage for 1C-Bitrix

Yandex Object Storage is S3-compatible, but with several differences from AWS that break standard Bitrix S3 integration. The endpoint is not amazonaws.com, the region is always ru-central1, and the bucket URL has its own format.

Connection Parameters

Yandex Object Storage endpoint: https://storage.yandexcloud.net. Region: ru-central1. Public access URL format: https://[bucket].storage.yandexcloud.net/[key] — virtual hosted style.

In /bitrix/admin/main_cloud_storage.php:

• Storage Type: Amazon S3 (compatible)
• Endpoint: https://storage.yandexcloud.net
• Region: ru-central1
• Access Key: static key identifier from Yandex.Cloud console
• Secret Key: secret key
• Bucket: bucket name

Creating a service account and keys — in Yandex.Cloud console: IAM → Service Accounts → Create → Grant storage.editor role on bucket → Create static access key.

Divergence from Bitrix Module

The main.cloudstorages module in Bitrix uses AWS SDK PHP. When connecting to Yandex Object Storage through this SDK, there's a Signature Version problem. Yandex supports only AWS Signature Version 4 (SigV4), and the SDK for custom endpoints may try to use SigV2. Explicit specification of signature version:

// Class /bitrix/modules/main/lib/cloudstorages/amazon.php
$s3Client = new \Aws\S3\S3Client([
    'version'       => 'latest',
    'region'        => 'ru-central1',
    'endpoint'      => 'https://storage.yandexcloud.net',
    'signature'     => 'v4',
    'credentials'   => [
        'key'    => $accessKey,
        'secret' => $secretKey,
    ],
]);

If the module doesn't allow passing the signature parameter through interface, edit the provider class with backup — or apply a patch through inheritance.

CORS for Browser Upload

When using direct upload to Object Storage from browser (presigned URL), CORS configuration of the bucket is necessary. In Yandex.Cloud console, "CORS" section:

<CORSConfiguration>
  <CORSRule>
    <AllowedOrigin>https://example.com</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
    <MaxAgeSeconds>3600</MaxAgeSeconds>
  </CORSRule>
</CORSConfiguration>

Without CORS, the browser blocks file uploads from TinyMCE editor or custom upload forms.

Lifecycle Policies for Temporary Files

Yandex Object Storage supports lifecycle rules — automatic deletion of files older than N days. Useful for temporary import/export files that Bitrix puts in /upload/tmp/ and /upload/import/. Configuration in console or via API:

{
    "Rules": [{
        "ID": "cleanup-tmp",
        "Status": "Enabled",
        "Filter": { "Prefix": "upload/tmp/" },
        "Expiration": { "Days": 7 }
    }]
}

CDN Configuration

Yandex Cloud CDN integrates with Object Storage in two minutes: create CDN resource with bucket as source, specify CDN domain in main.cloudstorages settings as CDN_URL. After that, Bitrix forms public URLs through CDN, and files are served from nearest presence point.

Parameter in module settings:

\Bitrix\Main\Config\Option::set('main', 'cloud_storage_cdn_url', 'https://cdn.example.com');

In this case, file writing goes directly to the bucket, and reading goes through CDN. For Bitrix's image resize cache, this provides noticeable speed increase for catalog page loads.