Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Automatically set files to public once uploaded #73

Closed
mattlanham opened this Issue Mar 5, 2014 · 11 comments

Comments

Projects
None yet
8 participants

Hi There,

I may be doing something wrong, but each time i push the website up to S3 i have to manually set all of the files and folders to public again to get around the 403 access denied, would it be possible to automate this, or is there something else i can do?

Owner

laurilehmijoki commented Mar 5, 2014

Hi

Sounds strange. Only the s3_website cfg apply command should modify the S3 bucket permissions. The push command should not affect permissions in any way.

Yea also agree it's strange, each time i run s3_website push i have to go into the S3 console and make the folders / files public, is there any other way to make it always public?

The only variables i have in the s3_website.yml are s3_id, s3_secret, s3_bucket, s3_endpoint everything else is commended out.

I've managed to fix it by putting the following policy in place:

{
  "Version":"2012-10-17",
  "Statement":[{
    "Sid":"AddPerm",
        "Effect":"Allow",
      "Principal": {
            "AWS": "*"
         },
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::bucket/*"
      ]
    }
  ]
}
Owner

laurilehmijoki commented Mar 6, 2014

I'm closing this issue because it is not directly related to this gem.

Please open this again if you invent a way to improve the documentation or code.

Having the same issue.

guaka commented Feb 19, 2015

S3 noob experiencing the same problem.
What do I do with the policy indicated above?

Owner

laurilehmijoki commented Feb 19, 2015

Go to AWS Console and open the bucket policy editor of your S3 website bucket. Add the indicated policy there. Does that solve your problem?

I had the same problem, but the policy above didn't work. I had better luck with the following policy.

  "Version":"2012-10-17",
  "Statement":[{
    "Sid":"PublicReadGetObject",
        "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::example-bucket/*"
      ]
    }
  ]
}

Source: http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteAccessPermissionsReqd.html

For those Googling, @eremzeit's solution worked for me.

robouk commented Aug 2, 2016

+1 @eremzeit solution

I was kind of baffled by not having more information about setting bucket permissions – it was clear that I was making the site private after each build but I couldn't understand why s3_website was doing that. Would liked to have seen some documentation around this.

That said, @eremzeit 's solution seems to have fixed the issue, though. Using this in a middleman + DatoCMS + CircleCI + S3 + Cloudfront site.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment