Paperclip with Amazon S3 Without Credentials And Match Bug
You can use Paperclip for saving files to Amazon S3.
Use gems "aws-sdk-s3" and "paperclip"
In development.rb:
config.paperclip_defaults = {
:storage => :s3,
:s3_host_name => 'REMOVE_THIS_LINE_IF_UNNECESSARY',
:s3_credentials => {
:access_key_id => AWS_ACCESS_KEY_ID,
:secret_access_key => AWS_SECRET_ACCESS_KEY,
:s3_region => "YOUR_S3_REGION_HERE"
},
:bucket => 'S3_BUCKET_NAME'
}In production.rb:
config.paperclip_defaults = {
:storage => :s3,
:preserve_files => true,
:s3_host_name => 'REMOVE_THIS_LINE_IF_UNNECESSARY',
:s3_credentials => {
:access_key_id => AWS_ACCESS_KEY_ID,
:secret_access_key => AWS_SECRET_ACCESS_KEY,
:s3_region => "YOUR_S3_REGION_HERE"
},
:bucket => 'S3_BUCKET_NAME'
}Note: @:preserve_files@ is strongly recommended in production configurations to avoid file loss as described in "issue 1929":https://github.com/thoughtbot/paperclip/issues/1929 .
In aws.yml (automatically loaded by aws-sdk):
development:
access_key_id: AWS_ACCESS_KEY_ID
secret_access_key: AWS_SECRET_KEY_ID
production:
access_key_id: AWS_ACCESS_KEY_ID
secret_access_key: AWS_SECRET_KEY_IDYou may need to state the s3 host_name if other than US standard: "http://www.rubydoc.info/gems/paperclip/Paperclip/Storage/S3#s3_host_name-instance_method":http://www.rubydoc.info/gems/paperclip/Paperclip/Storage/S3#s3_host_name-instance_method
h2. AWS Permissions
The access key and secret can be obtained from AWS when you create an IAM user. You will need to add a policy to the bucket as well, so the user has appropriate permissions. Here is a template you can use:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "(user-ARN)"
},
"Action": "s3:*",
"Resource": "arn:aws:s3:::(bucket-name)/*"
}
]
}The users ARN can be obtained from the IAM console.