I’ve started using S3 to host images connected to Rails models. Images are not uploaded by users so I just use aws_sdk gem to store images to S3 buckets.
So far I’ve succeeded in storing the image, but I am confused about the permission. Maybe I’m wrong but it seems most of the documents talking about S3 permission are outdated and I can’t find what they are referring to.
What I want to do is pretty basic. I just want to host images and the image themselves are public so anyone can view. However I don’t want anyone to just access my bucket and see everything else that’s hosted there. So basically it’s just a normal web app that hosts images on S3. How and where can I change the permission settings so it works that way? Currently the access is only granted to myself and images are not viewable by typing the url in a browser.
Answering my own question:
It seems that it’s not as simple as setting something as “public” and expect everything to work. Basically you need to write a policy and apply it to a bucket if you want your bucket to be viewable by public.
Here’s the page where you can build your policy: http://awspolicygen.s3.amazonaws.com/policygen.html