We're using the latest PHP AWS S3 SDK.
We've been given a ARN Bucket name
eg:
arn:aws:s3:::project-s3-eu-west-2-d-app-uploads
Using the PHP Code, we're trying:
<?php
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
$s3 = new S3Client([
'version' => 'latest',
'region' => 'eu-west-2',
'use_arn_region' => TRUE, // or FALSE
]);
$s3->putObject([
'Bucket' => 'arn:aws:s3:::project-s3-eu-west-2-d-app-uploads',
// 'Bucket' => 'project-s3-eu-west-2-d-app-uploads.s3.eu-west-2.amazonaws.com', // this did not work
'Key' => 'random-unique-name.ext',
'Body' => fopen('/local/file/path/name.ext', 'r'),
'ACL' => ACL_PUBLIC_READ,
]);
?>
But - no matter what we try, we get the following error:
Bucket parameter parsed as ARN and failed with: Provided ARN was not a valid S3 access point ARN or S3 Outposts access point ARN.
Have you used an ARN for auth, not a Key/Secret?
Thanks
Related
I am sending file to AWS s3 using PHP SDK. I installed SDK using
composer require aws/aws-sdk-php
I am using following code
require_once('vendor/autoload.php');
$s3 = new Aws\S3\S3Client([
'region' => AWS_REGION,
'version' => 'latest',
'credentials' => [
'key' => AWS_ACCESS_KEY_ID,
'secret' => AWS_SECRET_ACCESS_KEY,
]
]);
$result = $s3->putObject([
'Bucket' => AWS_BUCKET,
'Key' => $filename,
'SourceFile' => $fileFullPath
]);
Following response, I am getting
I am trying to get status code from this response and tried different ways, but I could not get status code.
You are returned an object with a private array called "data" but you are also able to just call the data by attribute. So using $result['#metadata']['statusCode'] works just fine.
$result['#metadata']['statusCode'] == 200
According to your example.
Worked fine for me
$result['#metadata']['statusCode'] == 200
I am unable to use the method ListObjects to access AWS S3 using the Secure Token Service.
The documentation states a bucket and it's object can be private, while we can use AWS STS to gain temporary credentials to access the S3 objects.
I am attempting to create a Graphics Server. I have a separate service that you can query. During the response, my plan is to use AWS STS to expose the images in my S3 bucket.
use Aws\Sts\StsClient;
use Aws\S3\S3Client;
use Aws\S3\Exception\S3Exception;
$bucket = 'bucket_name';
// the security credentials that you use to obtain temporary security credentials.
$stsClient = StsClient::factory(array(
'credentials' => array(
'secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
'key' => 'YYYYYYYYYYYYYYYYYYYYYYYYY'
),
'region'=>'us-east-1',
'version'=>'latest'
));
// Fetch the federated credentials.
$sessionToken = $stsClient->getFederationToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
// The following will be part of your less trusted code. You provide temporary
// security credentials so the code can send authenticated requests to Amazon S3.
$s3 = new S3Client([
'region' => 'us-east-1',
'version' => 'latest',
'credentials' => [
'key' => $sessionToken['Credentials']['AccessKeyId'],
'secret' => $sessionToken['Credentials']['SecretAccessKey'],
'token' => $sessionToken['Credentials']['SessionToken']
]
]);
print_r($sessionToken);
echo "<br/>";
echo "<br/>";
try {
$result = $s3->listObjects([
'Bucket' => $bucket
]);
} catch (S3Exception $e) {
echo $e->getMessage() . PHP_EOL;
}
I was expecting a list of S3 Object Keys. But instead I get an error message:
Error executing "ListObjects" on "https://s3.amazonaws.com/bucket_name?encoding-type=url"; AWS HTTP error: Client error: GET
https://s3.amazonaws.com/bucket_name?encoding-type=url resulted in a 403 >Forbidden response: AccessDeniedAccess Denied AccessDenied (client): >Access Denied - AccessDeniedAccess Denied XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
found my answer. I was calling the wrong method.
I changed this:
$sessionToken = $stsClient->getFederationToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
to this:
$sessionToken = $stsClient->getSessionToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
use getSessionToken instead of getFederationToken, which is kinda obvious.
I'm trying to Download Private S3 Object and store it on website Server
Here is what I'm Trying
$s3 = new S3Client([
'version' => 'latest',
'region' => 'ap-south-1',
'credentials' => array(
'key' => '*****',
'secret' => '*******'
)
]);
$command = $s3->getCommand('GetObject', array(
'Bucket' => 'bucket_name',
'Key' => 'object_name_in_s3'
'ResponseContentDisposition' => 'attachment; filename="'.$my_file_name.'"'
));
$signedUrl = $command->createPresignedUrl('+15 minutes');
echo $signedUrl;
How can i save these files on my server
From Get an Object Using the AWS SDK for PHP:
use Aws\S3\S3Client;
$bucket = '*** Your Bucket Name ***';
$keyname = '*** Your Object Key ***';
$filepath = '*** Your File Path ***';
// Instantiate the client.
$s3 = S3Client::factory();
// Save object to a file.
$result = $s3->getObject(array(
'Bucket' => $bucket,
'Key' => $keyname,
'SaveAs' => $filepath
));
If you just want to download a file from the command line (instead of an app), you can use the AWS Command-Line Interface (CLI) -- it has an aws s3 cp command.
The Pre-signed URL in your code can be used to grant time-limited access to a private object stored in an Amazon S3 bucket. Typically, your application generates the URL and includes it in a web page for users to click and download the object. There is no need to use it on the server-side, because the server would have credentials that are authorized to access content in Amazon S3.
I am trying to connect to my S3 to upload a file via my server but whenever i try to run the PHP, i encounter the following error below. I included the Version and Region but yet the issue still stands?
Error:
Fatal error: Uncaught exception 'InvalidArgumentException' with message 'Missing required client configuration options: region: (string) A "region" configuration value is required for the "s3" service (e.g., "us-west-2"). A list of available public regions and endpoints can be found at http://docs.aws.amazon.com/general/latest/gr/rande.html. version: (string) A "version" configuration value is required. Specifying a version constraint ensures that your code will not be affected by a breaking change made to the service. For example, when using Amazon S3, you can lock your API version to "2006-03-01". Your build of the SDK has the following version(s) of "s3": * "2006-03-01" You may provide "latest" to the "version" configuration value to utilize the most recent available API version that your client's API provider can find. Note: Using 'latest' in a production application is not recommended. A list of available API versions can be found on each client's API documentation page: http:/ in /srv/http/auploader/include/Aws/ClientResolver.php on line 364
My Code:
<?PHP
require '/srv/http/test/include/aws-autoloader.php';
use Aws\S3\S3Client;
use Aws\S3\Exception\S3Exception;
$bucket = 'testbucket';
$keyname = 'sample';
// $filepath should be absolute path to a file on disk
$filepath = '/srv/http/testfile/setup.html';
// Instantiate the client.
$s3 = S3Client::factory(array(
'key' => 'blank',
'secret' => 'blank'
));
try {
// Upload data.
$result = $s3->putObject(array(
'Bucket' => $bucket,
'Key' => $keyname,
'SourceFile' => $filepath,
'ACL' => 'public-read',
'Region' => 'eu-west-1',
'Version' => '2006-03-01'
));
// Print the URL to the object.
echo $result['ObjectURL'] . "\n";
} catch (S3Exception $e) {
echo $e->getMessage() . "\n";
}
?>
You have to create an object of S3. And keys you have put is misplaced please do it as following.
$s3 = S3Client::factory([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => [
'key' => "your s3 bucket key",
'secret' => "your s3 bucket secret key",
]
]);
By using s3 object you can implement putObject method something like this.
$result = $s3->putObject(array(
'Bucket' => "yourbucket name",
'Key' => $keyName,
'SourceFile' => $filepath,
'ACL' => 'public-read', //for making the public url
'Version' => '2006-03-01'
));
));
Hope it helps!
For SES AWS SDK v3 use
/*
* 1. version as `2010-12-01`
* 2. version as Eg. `us-east-1`.
*/
ini_set("display_errors", 1);
Aws\Ses\SesClient::factory(array(
'credentials' => array(
'key' => "someKey",
'secret' => "someSecret",
),
"region" => "us-east-1",
"version" => "2010-12-01")
);
I'm using the following code to generate my signature for a direct to S3 upload (using sig v4 because the bucket is in Frankfurt):
$s3 = S3Client::factory(array(
'key' => Configure::read('Aws.key'),
'secret' => Configure::read('Aws.secret'),
'region' => Configure::read('Aws.region'),
'signature' => 'v4'
)
);
$postObject = new \Aws\S3\Model\PostObject($s3, Configure::read('Aws.bucket'),
array('acl' => 'public-read'));
$form = $postObject->prepareData()->getFormInputs();
$this->set('policy', $form['policy']);
$this->set('signature', $form['signature']);
However, the end result of a POST is always an XML response containing this message:
The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
Can anyone see what I might be doing wrong?