lundi 26 février 2018

Why an AccessDenied error on S3 files?

Some of the files uploaded on S3 can't be read because of an AccessDenied error. It was working well so far...

Gemfile

ruby '2.2.0'
gem 'rails', '3.2.22.2'
gem 'pg', '0.18.4'
gem 'sprockets', '2.2.3'
gem 'carrierwave', '0.11.0'
gem 'fog', '1.38.0', require: 'fog/aws'

carrierwave.rb

if Rails.env.test?
  CarrierWave.configure do |config|
    config.storage = :file
    config.enable_processing = false
  end
else
  CarrierWave.configure do |config|
    config.storage = :fog
    config.fog_credentials = {
      provider: Figaro.env.fog_provider,
      aws_access_key_id: Figaro.env.fog_aws_access_key_id,
      aws_secret_access_key: Figaro.env.fog_aws_secret_access_key,
      region: Figaro.env.fog_region,
    }

    config.fog_directory  = "mycompany-#{Rails.env}"
    config.fog_public     = true
    config.fog_attributes = { 'Cache-Control' => "max-age=#{365.days.to_i}" }
    config.permissions = 0666
  end
end

URL I'm trying to reach:

https://mycompany-production.s3.amazonaws.com/uploads/coaching/attachment/1735/File-Uploaded-0001.pdf

The error AWS give me:

<Error>
    <Code>AccessDenied</Code>
    <Message>Access Denied</Message>
    <RequestId>12D13432D83CD9DE</RequestId>
    <HostId>
        SKLsZ20cJ4x2uxxIR/6ejZ6w6rpbH9HU18+22Sm6/sr+t1mVwe8+zWpe+lFl0v05GMU0TWtcNOI=
    </HostId>
</Error>

How can I set the Read-Only attribute on some folders? AWS S3 allow me to "Make the folder public" but I don't want that.

Thank you

Aucun commentaire:

Enregistrer un commentaire