It would be awesome if you gave an example AWS IAM policy for S3 and linked to it from your Hosting setup tab. It's best practice to create an IAM user specifically for Siteleaf with limited permissions. Without knowing exactly what permissions are needed this is a bit hard. I ended up using a very open policy that is restricted to the specific bucket. Like this one: https://gist.github.com/sskylar/f364872b395f2bf94303