403 Error When Uploading Image on Heroku to S3 with Carrierwave and Fog

Question

Everything is working as expected locally. Once I push to heroku I can no longer upload images.

The error code I get from heroku logs is: Excon::Errors::Forbidden (Expected(200) <=> Actual(403 Forbidden)

The XML response contains: <Code>AccessDenied</Code><Message>Access Denied</Message>

My fog.rb:

CarrierWave.configure do |config|
  config.fog_credentials = {
    :provider               => 'AWS',
    :aws_access_key_id      => ENV["ACCESS_KEY_ID"],
    :aws_secret_access_key  => ENV["SECRET_ACCESS_KEY"]
    #:region                 => 'eu-west-1'
  }

  #Required for Heroku
  config.cache_dir = "#{Rails.root}/tmp/uploads"

  config.fog_directory = ENV["BUCKET_NAME"]

end

My Uploader:

class ImageUploader < CarrierWave::Uploader::Base
    storage :fog
    def store_dir 
        "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
    end
end

Heroku has the correct environment variables - I used the figaro gem. I also set them manually after I got the 403 the first few times to make sure figaro had no errors.

I thought this may be a problem with the region but my bucket is US and carrierwave documentation says the default is us-east-1

What is causing the issue on Heroku but not locally?

Answer 1

Forbidden may mean an issue with the configured directory (rather than the other credentials). Are you using the same BUCKET_NAME value both locally and on Heroku? I know I've certainly tried to use things with a different bucket that I had not yet created (which might also given this error). So checking the value is what you expect (and that the bucket already exists) are a couple good starting points. Certainly happy to discuss and continue helping if that doesn't solve it for you though.