I am using AWS SDK, and I am able to create buckets and manipulate keys. At the time of creation of bucket I also want to enable it for website hosting.
This is what I am using for creation
$result = $s3->createBucket([
'Bucket' => $buck_name
]);
From what I found, This is how we add website configuration
$result = $s3->putBucketWebsite(array(
'Bucket' => $buck_name,
'IndexDocument' => array('Suffix' => 'index.html'),
'ErrorDocument' => array('Key' => 'error.html'),
));
But this is not enabling website hosting,I also have uploaded both files(index and error) just in case. But I am getting this error
InvalidArgumentException: Found 1 error while validating the input provided for the PutBucketWebsite operation: [WebsiteConfiguration] is missing and is a required parameter in
Try this way
use Aws\S3\S3Client;
$bucket = $buck_name;
// 1. Instantiate the client.
$s3 = S3Client::factory();
// 2. Add website configuration.
$result = $s3->putBucketWebsite(array(
'Bucket' => $bucket,
'IndexDocument' => array('Suffix' => 'index.html'),
'ErrorDocument' => array('Key' => 'error.html'),
));
// 3. Retrieve website configuration.
$result = $s3->getBucketWebsite(array(
'Bucket' => $bucket,
));
echo $result->getPath('IndexDocument/Suffix');
Related
I am unable to use the method ListObjects to access AWS S3 using the Secure Token Service.
The documentation states a bucket and it's object can be private, while we can use AWS STS to gain temporary credentials to access the S3 objects.
I am attempting to create a Graphics Server. I have a separate service that you can query. During the response, my plan is to use AWS STS to expose the images in my S3 bucket.
use Aws\Sts\StsClient;
use Aws\S3\S3Client;
use Aws\S3\Exception\S3Exception;
$bucket = 'bucket_name';
// the security credentials that you use to obtain temporary security credentials.
$stsClient = StsClient::factory(array(
'credentials' => array(
'secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
'key' => 'YYYYYYYYYYYYYYYYYYYYYYYYY'
),
'region'=>'us-east-1',
'version'=>'latest'
));
// Fetch the federated credentials.
$sessionToken = $stsClient->getFederationToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
// The following will be part of your less trusted code. You provide temporary
// security credentials so the code can send authenticated requests to Amazon S3.
$s3 = new S3Client([
'region' => 'us-east-1',
'version' => 'latest',
'credentials' => [
'key' => $sessionToken['Credentials']['AccessKeyId'],
'secret' => $sessionToken['Credentials']['SecretAccessKey'],
'token' => $sessionToken['Credentials']['SessionToken']
]
]);
print_r($sessionToken);
echo "<br/>";
echo "<br/>";
try {
$result = $s3->listObjects([
'Bucket' => $bucket
]);
} catch (S3Exception $e) {
echo $e->getMessage() . PHP_EOL;
}
I was expecting a list of S3 Object Keys. But instead I get an error message:
Error executing "ListObjects" on "https://s3.amazonaws.com/bucket_name?encoding-type=url"; AWS HTTP error: Client error: GET
https://s3.amazonaws.com/bucket_name?encoding-type=url resulted in a 403 >Forbidden response: AccessDeniedAccess Denied AccessDenied (client): >Access Denied - AccessDeniedAccess Denied XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
found my answer. I was calling the wrong method.
I changed this:
$sessionToken = $stsClient->getFederationToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
to this:
$sessionToken = $stsClient->getSessionToken([
'Name' => 'IAM-Username',
'DurationSeconds' => '3600',
'PolicyName' => 'my-policy'
]);
use getSessionToken instead of getFederationToken, which is kinda obvious.
I am trying to delete a single file from AWS s3 bucket and my code is as below:
$removeUploadedDocFromTestingFolder = array(
"removeFromTestFolder" =>
array(
"bucket" => "my-bucket"
),
"AccessKeys" =>
array(
"access_key" => "my access key",
"seceret_key" => "my secret key"
)
);
$_SERVER['HOME'] = DIR_HOME;
ini_set('display_errors',1); error_reporting(E_ALL);
use Aws\S3\S3Client;
use Aws\Common\Credentials\Credentials;
$client = S3Client::factory();
//$objError = new ErrorReporting();
$bucket = $removeUploadedDocFromTestingFolder['removeFromTestFolder']['bucket'];
//testing file setup on local server....
$file1 = "my-file";
//File reference on cloud.....Object URL
$file1_cloud = "https://Object URL/myFile/myFile";
echo "here 0";
$client->deleteObject($bucket, $file1_cloud);
Can anyone tell what I am doing wrong that the code is not deleting the file.
I tried the following code but it didn't work:
try {
//$client->deleteObject($bucket, $file1_cloud);
$result = $client->deleteObject(['Bucket' => 'my-bucket','Key' => 'myFile.png']);
} catch(\Aws\S3\Exception\S3Exception $e) {
echo "error"+$e;
}
Thanks
The object is not being deleted because you have asked S3 to delete a non-existent object, and S3 treats this as a no-op rather than an error. This is because you have indicated a URL rather than the key of the object.
An example of an S3 object key is:
testing/cats/fluffykins.png
Note that it's not a URL and it doesn't begin with forward slash.
An example of the correct way to call the PHP deleteObject function is:
$result = $s3Client->deleteObject([
'Bucket' => $bucket,
'Key' => $key,
]);
Note that it takes an array of parameters, including bucket and key. It assumes PHP 5.4 or later in which you can use the short array syntax, which replaces array() with [].
I've resolved the issue by using the following code:
$client = S3Client::factory(array(
'key' => "mykey",
'secret' => "my secret key"
));
//File reference on cloud.....
$file1_cloud = "TestFile/myFile.png";
$result = $client->deleteObject(array(
'Bucket' => $bucket,
'Key' => 'TestFile/myFile.png'));
latestAll S3 bucket file is displayed, but when I upload file then error is generate.
I have ARN and instance profile.
use Aws\Credentials\CredentialProvider;
use Aws\Credentials\InstanceProfileProvider;
use Aws\Credentials\AssumeRoleCredentialProvider;
use Aws\S3\S3Client;
use Aws\Sts\StsClient;
$profile = new InstanceProfileProvider();
$ARN = ""; // MY ARN
$sessionName = "s3-access-example";
$assumeRoleCredentials = new AssumeRoleCredentialProvider([
'client' => new StsClient([
'region' => "ap-east-1",
'version' => "latest",
'credentials' => $profile
]),
'assume_role_params' => [
'RoleArn' => $ARN,
'RoleSessionName' => $sessionName,
],
]);
$provider = CredentialProvider::memoize($assumeRoleCredentials);
$this->s3hd = S3Client::factory([
'credentials' => $provider,
'version' => "latest",
'region' => "ap-east-1"
]);
public function upload($name, $file, $type, $Bucket = false)
{
if (! $Bucket) {
$Bucket = $this->bucket;
}
$result = $this->s3hd->putObject([
'Bucket' => $Bucket,
'Key' => $name,
'SourceFile' => $file,
'ContentType' => $type,
'ACL' => 'public-read'
]);
$this->s3hd->waitUntil('ObjectExists', [
'Bucket' => $Bucket,
'Key' => $name
]);
return $result;
}
Message: Error executing "PutObject" on error file url here; AWS HTTP error: Client error: PUT error file url here resulted in a 400 Bad Request` response: InvalidTokenThe provided token is malformed or other (truncated...) InvalidToken (client): The provided token is malformed or otherwise invalid. - InvalidTokenThe provided token is malformed or otherwise invalid.
In my case. I was trying through CLI.
I configured AWS cli by running
aws configure
Inside ~/.aws/credentials, look for session_token. If you have the session_token. Then update it.
Otherwise remove session_token and try again.
And Voila It worked!
You're getting this error because Hong Kong (ap-east-1) is not enabled by default. You need to enable it in the AWS console if you have the correct permissions, then try again.
See the AWS Docs for instructions on how to do that.
I am using s3cmd and based on the above answer I was able to solve by deleting the .s3cmd file and reconfiguring (s3cmd --configure), which cleared the access_token:
diff .s3cfg previous_s3cmd
< access_token =
---
> access_token = vkp1Jf\etc...
Also increased the chunk sizes:
< recv_chunk = 65536
---
> recv_chunk = 4096
< send_chunk = 65536
---
> send_chunk = 4096
And I guess I had previously opted for https requests, as opposed to the (current) default:
< use_https = True
---
> use_https = False
Success
Success. Your access key and secret key worked fine :-)
Now verifying that encryption works...
Success. Encryption and decryption worked fine :-)
I am trying to connect to my S3 to upload a file via my server but whenever i try to run the PHP, i encounter the following error below. I included the Version and Region but yet the issue still stands?
Error:
Fatal error: Uncaught exception 'InvalidArgumentException' with message 'Missing required client configuration options: region: (string) A "region" configuration value is required for the "s3" service (e.g., "us-west-2"). A list of available public regions and endpoints can be found at http://docs.aws.amazon.com/general/latest/gr/rande.html. version: (string) A "version" configuration value is required. Specifying a version constraint ensures that your code will not be affected by a breaking change made to the service. For example, when using Amazon S3, you can lock your API version to "2006-03-01". Your build of the SDK has the following version(s) of "s3": * "2006-03-01" You may provide "latest" to the "version" configuration value to utilize the most recent available API version that your client's API provider can find. Note: Using 'latest' in a production application is not recommended. A list of available API versions can be found on each client's API documentation page: http:/ in /srv/http/auploader/include/Aws/ClientResolver.php on line 364
My Code:
<?PHP
require '/srv/http/test/include/aws-autoloader.php';
use Aws\S3\S3Client;
use Aws\S3\Exception\S3Exception;
$bucket = 'testbucket';
$keyname = 'sample';
// $filepath should be absolute path to a file on disk
$filepath = '/srv/http/testfile/setup.html';
// Instantiate the client.
$s3 = S3Client::factory(array(
'key' => 'blank',
'secret' => 'blank'
));
try {
// Upload data.
$result = $s3->putObject(array(
'Bucket' => $bucket,
'Key' => $keyname,
'SourceFile' => $filepath,
'ACL' => 'public-read',
'Region' => 'eu-west-1',
'Version' => '2006-03-01'
));
// Print the URL to the object.
echo $result['ObjectURL'] . "\n";
} catch (S3Exception $e) {
echo $e->getMessage() . "\n";
}
?>
You have to create an object of S3. And keys you have put is misplaced please do it as following.
$s3 = S3Client::factory([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => [
'key' => "your s3 bucket key",
'secret' => "your s3 bucket secret key",
]
]);
By using s3 object you can implement putObject method something like this.
$result = $s3->putObject(array(
'Bucket' => "yourbucket name",
'Key' => $keyName,
'SourceFile' => $filepath,
'ACL' => 'public-read', //for making the public url
'Version' => '2006-03-01'
));
));
Hope it helps!
For SES AWS SDK v3 use
/*
* 1. version as `2010-12-01`
* 2. version as Eg. `us-east-1`.
*/
ini_set("display_errors", 1);
Aws\Ses\SesClient::factory(array(
'credentials' => array(
'key' => "someKey",
'secret' => "someSecret",
),
"region" => "us-east-1",
"version" => "2010-12-01")
);
I'm using the amazon-s3-php-class to help me upload files to Amazon's S3. After I upload the file, i noticed that Everyone can download it if they type the url https://url.com/mybucket/filename.file.
I can manually restrict access by using the AWS console to turn off Open/Download to the user Everyone.
How do I do this with programatically with amazon-s3-php-class? The following code did not do anything:
$s3 = new S3($AZ_KEY_ID, $AZ_KEY_SECRET);
$acp = array("acl"=>array());
$acp["acl"][] = array(
"type" => "Everyone", "uri" => "https://url.com/mybucket/filename.file", "permission" => ""
);
$s3->setAccessControlPolicy("mybucket", "https://url.com/mybucket/filename.file", $acp);
What's wrong with my code?
With the new AWS SDK V3 changing ACL permissions is really easy:
$s3->putObjectAcl([
'Bucket' => 'myBucketName',
'Key' => 'myFileName',
'ACL' => 'private'
]);
ACL can be one of these value 'ACL' => 'private|public-read|public-read-write|authenticated-read|aws-exec-read|bucket-owner-read|bucket-owner-full-control',
$s3 = new S3($AZ_KEY_ID, $AZ_KEY_SECRET);
$acp = $s3->getAccessControlPolicy('mybucket', 'filename.file');
foreach($acp['acl'] as $key => $val) {
if(isset($val['uri']) &&
$val['uri'] == 'http://acs.amazonaws.com/groups/global/AllUsers')
unset($acp['acl'][$key]);
}
$s3->setAccessControlPolicy('mybucket', 'filename.file', $acp)
In function getAccessControlPolicy and setAccessControlPolicy, uri should be the path related to bucket.
AllUsers equals Everyone at AWS console.
Or you can set private acl to an object, when inserting it to S3.
$s3->putObjectFile($uploadFile, 'mybucket', 'filename.file', S3::ACL_PRIVATE)