When we updated our Rails 3.2 apps to each use their own IAM users and policies (instead of sharing a root S3 key/secret), we found that the aws-s3 (0.6.3) gem was causing S3Object.exists?() to always return true.

Although an updated aws-s3 gem may eventually fix the issue, the quick wrokaround was to modify the IAM policy to include both BUCKET and BUCKET/* (normally we need just the latter). Specifically:

{ "Version": "2012-10-17", 
"Statement": [ 
   { "Sid": "Stmt1234567890", 
    "Effect": "Allow", 
    "Action": [ "s3:*" ], 
    "Resource": 
         [ "arn:aws:s3:::SOMEBUCKET", 
          "arn:aws:s3:::SOMEBUCKET/*" ] 
}  ] }