Here is the policy I added:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "MakeItPublic",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::bucketname/*"
}
]
}
I created an IAM and attached the AmazonS3FullAccess to that IAM.
In my rails app, I display the pictures like this:
- @pictures.each do |picture|
%img{src: picture.image_url}
and the generated url is something like:
https://leaguedraw.s3-us-west-2.amazonaws.com/uploads/73dfe6c6-0c25-496c-be9f-6f2beb75d7c3.png?AWSAccessKeyId=myaccesskey&Expires=1434472944&Signature=d1vIYOQt410%2BgcXs6%2BATSCsG2Mk%3D
when I just want this:
https://leaguedraw.s3-us-west-2.amazonaws.com/uploads/73dfe6c6-0c25-496c-be9f-6f2beb75d7c3.png
What else do I need to do to generate the latter url?
Additional info: using carrierwave gem and carrierwave-aws gem
Turns out I need to change the acl in the configuration file from
to
even though the documentation said to use
:'public-read'
.