
Access Denied S3 with Paperclip


None of the existing answers actually state which policies you need to grant, so here they are: s3:PutObject, s3:DeleteObject, and s3:PutObjectAcl.

Here's the complete S3 bucket policy I'm using to allow Paperclip to put objects with the :public_read permission:

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::IAM_USER_ID:user/IAM_USER_NAME"
            },
            "Action": [
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::S3_BUCKET_NAME/*"
        }
    ]
}


As explained in the accepted answer, you should not need "Admin Access". However, the typical policy for giving access to a bucket, as documented in some examples given by Amazon, might not be enough for Paperclip.

The following policy worked for me:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:ListAllMyBuckets"
            ],
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::bucket-name-to-be-set-by-you"
            ]
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bucket-name-to-be-set-by-you/*"
            ]
        }
    ]
}
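As an added example (not from any of the answers or from Paperclip), this Ruby script checks whether a policy's Allow statements grant the three actions named in the first answer on a bucket's objects, and lists wildcard action grants such as `s3:*`. `audit_policy`, `iam_match?`, the `NO_ACL` policy and the sample object key are constructed for illustration; Deny statements, conditions and principals are not evaluated.

```ruby
require "json"

# Actions the first answer lists as required for Paperclip with :public_read.
REQUIRED_ACTIONS = %w[s3:PutObject s3:DeleteObject s3:PutObjectAcl].freeze

# IAM-style wildcard match: "*" is any run of characters, "?" is one character.
def iam_match?(pattern, value, ignore_case: false)
  body = Regexp.escape(pattern).gsub('\*', ".*").gsub('\?', ".")
  Regexp.new("\\A#{body}\\z", ignore_case ? Regexp::IGNORECASE : 0).match?(value)
end

# Audits Allow statements that cover objects in `bucket`. Simplification (assumed):
# Deny, Condition, NotAction, NotResource and Principal are not evaluated.
def audit_policy(policy_json, bucket)
  object_arn = "arn:aws:s3:::#{bucket}/sample-key" # constructed object key
  statements = [JSON.parse(policy_json)["Statement"]].flatten.compact
  allows = statements.select do |s|
    s["Effect"] == "Allow" &&
      [s["Resource"]].flatten.compact.any? { |r| iam_match?(r, object_arn) }
  end
  patterns = allows.flat_map { |s| [s["Action"]].flatten.compact }
  granted = REQUIRED_ACTIONS.select do |a|
    patterns.any? { |p| iam_match?(p, a, ignore_case: true) }
  end
  { granted: granted, missing: REQUIRED_ACTIONS - granted,
    wildcard: patterns.select { |p| p.include?("*") }.uniq }
end

# Policies from the answers above, condensed; placeholders kept as on the page.
SCOPED = '{"Statement":[{"Effect":"Allow",
  "Action":["s3:PutObject","s3:DeleteObject","s3:PutObjectAcl"],
  "Resource":"arn:aws:s3:::S3_BUCKET_NAME/*"}]}'
BROAD = '{"Statement":[
  {"Effect":"Allow","Action":["s3:GetBucketLocation","s3:ListAllMyBuckets"],
   "Resource":"arn:aws:s3:::*"},
  {"Effect":"Allow","Action":["s3:ListBucket"],
   "Resource":["arn:aws:s3:::bucket-name-to-be-set-by-you"]},
  {"Effect":"Allow","Action":"s3:*",
   "Resource":["arn:aws:s3:::bucket-name-to-be-set-by-you/*"]}]}'
# Constructed for this example: upload allowed, but no ACL permission.
NO_ACL = '{"Statement":[{"Effect":"Allow",
  "Action":["s3:PutObject","s3:GetObject"],
  "Resource":"arn:aws:s3:::S3_BUCKET_NAME/*"}]}'

if __FILE__ == $PROGRAM_NAME
  p audit_policy(SCOPED, "S3_BUCKET_NAME")
  p audit_policy(BROAD, "bucket-name-to-be-set-by-you")
  p audit_policy(NO_ACL, "S3_BUCKET_NAME")
end
```

A non-empty `missing` list that includes `s3:PutObjectAcl` corresponds to the Access Denied case for `:public_read` uploads; a non-empty `wildcard` list marks a policy that grants more than the three actions require.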


You should not really need Admin Access to achieve this. Make sure you have the AWS access_key_id and secret_access_key set up in your Heroku config. You would also need to make sure your user account has an Access Policy set in the AWS IAM Console.

See this post for some more info.

The default permission for Paperclip is :public_read unless you specify the bucket to be private.

See this for information about Module: Paperclip::Storage::S3