I follow Hartl railstutorial.org and reached 11.4.4: Uploading an image to production . What I've done:
- Signed up for Amazon Web Services.
- In Amazon Identity and Access Management, I created a user. The user was created successfully.
- In Amazon S3, I created a new bucket.
- Set permissions for the new bucket:
Access rights:
The tutorial instructs "to provide read and write permission to the user created in the previous step." However, in the Permissons section for the bucket, the new username is not mentioned. I could only choose between all verified users, log shipping, me and username. Amazon seems to have created itself from my name + number. I tried this by selecting Authenticated users and set the checkboxes for the Upload / Delete and View permissions (and did not select the List and Edit permissions). I also tried this by selecting "All" and checking all four fields. The results were the same.
- I implemented the Rails application according to the instructions in the tutorial (I don’t believe that nothing was there, so I didn’t include these steps here so as not to make it take too long).
The initializer is carrier_wave.rbinstalled in the code below. I added region: 'eu-west-1'to the initializer (the idea I got from here ) to get rid of the message connecting to the matching region will be more performant.
if Rails.env.production?
CarrierWave.configure do |config|
config.fog_credentials = {
:provider => 'AWS',
:aws_access_key_id => ENV['S3_ACCESS_KEY'],
:aws_secret_access_key => ENV['S3_SECRET_KEY'],
:region => 'eu-west-1'
}
config.fog_directory = ENV['S3_BUCKET']
end
end
- He worked in development, and I clicked on Heroku.
Error:
When I use the bootloader in production to upload the image, I get an error message We're sorry, but something went wrong.The Heroku server log says:
app[web.1]: SQL (1.7ms) UPDATE "users" SET "avatar" = $1, "updated_at" = $2 WHERE "users"."id" = $3 [["avatar", "animaatjes.png.gif"], ["updated_at", "2015-05-20 12:37:56.683858"], ["id", 18]]
heroku[router]: at=info method=POST path="/users/18" host=xxx.herokuapp.com request_id=xxx-7f9f-4580-89ba-xxx fwd="xx.xxx.xx.xxx" dyno=web.1 connect=0ms service=3461ms status=500 bytes=1714
app[web.1]: Completed 500 Internal Server Error in 3317ms (ActiveRecord: 13.0ms)
app[web.1]: (1.4ms) ROLLBACK
app[web.1]: Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden)
app[web.1]: excon.error.response
app[web.1]: :body => "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>F8xxxD89</RequestId><HostId>MdB5iSMgxxx1vqE+Q=</HostId></Error>"
app[web.1]: :headers => {
app[web.1]: "Connection" => "close"
app[web.1]: "Content-Type" => "application/xml"
app[web.1]: "Date" => "Wed, 20 May 2015 12:37:57 GMT"
app[web.1]: "Server" => "AmazonS3"
app[web.1]: "x-amz-id-2" => "MdB5iSMg***K1vqdP+E+Q="
app[web.1]: "x-amz-request-id" => "F80A**C58"
app[web.1]: }
app[web.1]: :local_address => "***.**.**.**"
app[web.1]: :local_port => *****
app[web.1]: :reason_phrase => "Forbidden"
app[web.1]: :remote_ip => "**.***.***.***"
app[web.1]: :status => 403
app[web.1]: :status_line => "HTTP/1.1 403 Forbidden\r\n"
app[web.1]: app/controllers/users_controller.rb:46:in 'update'
app[web.1]: Completed 500 Internal Server Error in 6151ms (ActiveRecord: 60.7ms)
How am I wrong? I seem to have something to do with permissions?
Update:
, . AmazonS3FullAccess, . AmazonS3ReadOnlyAccess, . 2 : . AmazonS3FullAccess, ?
, ( ), 403 Forbidden.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": ["arn:aws:s3:::mybucket"]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": ["arn:aws:s3:::mybucket/*"]
}
]
}