I've migrated servers and updated AWS phar, however once i've done that i'm getting the following error:
Fatal error: Uncaught exception 'InvalidArgumentException' with message 'Missing required client configuration options: version: (string) A "version" configuration value is required. Specifying a version constraint ensures that your code will not be affected by a breaking change made to the service. For example, when using Amazon S3, you can lock your API version to "2006-03-01". Your build of the SDK has the following version(s) of "email": * "2010-12-01" You may provide "latest" to the "version" configuration value to utilize the most recent available API version that your client's API provider can find. Note: Using 'latest' in a production application is not recommended. A list of available API versions can be found on each client's API documentation page: http://docs.aws.amazon.com/aws-sdk-php/v3/api/index.html. If you are unable to load a specific API version, then you may need to update your copy of the SDK.' in phar:////includes/3rdparty/aws/aws.phar/Aws/ in phar:////includes/3rdparty/aws/aws.phar/Aws/ClientResolver.php on line 328
I've tried adding it via different method and looking into the actual documentation without any luck.
Here's my code right now:
$client = SesClient::factory(array(
'user' => 'uuuuu',
'key' => 'aaaaa',
'secret' => 'bbbb',
'region' => 'us-east-1',
));
$client->version("2010-12-01");
//Now that you have the client ready, you can build the message
$msg = array();
//more code after this...
Any help would be appreciated!
Apparenty, the 'version' field is mandatory now, so you must pass it to the factory.
Source: http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/migration.html
// Instantiate the client with your AWS credentials
$client = SqsClient::factory(array(
'credentials' => $credentials,
'region' => 'us-east-1',
'version' => '2012-11-05'
));
Related
I have a PHP (8.1.8) page hosted on Apache (2.4) on a Windows Server 2019 EC2 instance in AWS. It attempts to send an event to a Lambda Function. The page is called with HTTP, not HTTPS (don't ask - required for external calling system).
If I run the script in VSCode (for example) it works fine and I get a response from the Lambda Function (so I believe the EC2 instance has no problem talking to the Lambda Function). However if I request the page through a browser I get an error (XXXXX represents my Lambda Function name, obfuscated):
Fatal error: Uncaught exception 'Aws\Lambda\Exception\LambdaException' with message 'Error executing "Invoke" on "https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/XXXXX/invocations"; AWS HTTP error: Connection refused for URI https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/XXXXX/invocations' GuzzleHttp\Exception\ConnectException: Connection refused for URI https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/XXXXX/invocations in C:\Apache24\htdocs\vendor\guzzlehttp\guzzle\src\Handler\StreamHandler.php:328
The script is:
<?php
require 'vendor/autoload.php';
use Aws\Credentials\Credentials;
use Aws\Lambda\LambdaClient;
$data = 'TEST PAYLOAD';
$array_obj = array("xml" => $data);
$json_obj = json_encode($array_obj);
$credentials = new Aws\Credentials\Credentials('<<KEY>>', '<<SECRET>>');
$client = new Aws\Lambda\LambdaClient([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => $credentials,
'debug' => false,
]);
$lambda_result = $client->invoke([
'FunctionName' => 'XXXXX',
'InvocationType' => 'RequestResponse',
'LogType' => 'None',
'Payload' => $json_obj,
]);
print_r(json_decode($lambda_result->get('Payload')->getContents(), true))
?>
I'm pretty sure I'm just missing some config that will allow the web page script to call the Lambda, but I'm drawing a blank searching around for an answer.
EDIT:
Edited to clarify that this is running on a Windows Server 2019 EC2 instance, and the page is called with HTTP, not HTTPS.
EDIT 2:
I get the same issue with SQS, so its not a Lambda thing specifically. Seems to be generally about accessing AWS resources through the SDK APIs? (Tags adjusted accordingly)
When I deploy my application to a EC2 instance, it fails to fetch messages from my SQS queue. And instead throws an exception with the status code 403 Forbidden, access to the resource {sqs queue} is denied. However, when I run the same code from my local environment my application can fetch messages from the SQS queue.
My application uses the symfony framework and passes pre-configured AWS credentials, for a user who has access to this queue, from the parameters.yml into \Aws\Sqs\SqsClient().
If on the EC2 instance I run aws configure and configure the aws cli with the same credentials the application can pull messages from the SQS queue. I am concerned here because it is like the aws sdk is overriding the credentials I pass it.
As a example the following code even with hard coded parameters which I have checked are valid credentials, returns a 403 when ran on a EC2 instances.
$sqs = new \Aws\Sqs\SqsClient([
[
'key' => '{my key}',
'secret' => '{my secret}'
],
'region' => 'us-east-1',
'version' => 'latest'
]);
$response = $sqs->receiveMessage([
'QueueUrl' => 'https://sqs.us-east-1.amazonaws.com/{my account}/{my queue}'
]);
Does anyone have any suggestions about what may be happening here?
Try with credentials key in config.
$sqs = new \Aws\Sqs\SqsClient([
'credentials' => [
'key' => '{my key}',
'secret' => '{my secret}',
],
'region' => 'us-east-1',
'version' => 'latest'
]);
$response = $sqs->receiveMessage([
'QueueUrl' => 'https://sqs.us-east-1.amazonaws.com/{my accoun}/{my queue}'
]);
This might help you to debug your issue.
Run aws sqs list-queues on command line. If your queue not listed in the result set, that means your AWS key doesn't have permission.
Run aws sqs receive-message --queue-url <queue_url> where queue_url is your queue's complete url received from step 1. You should see all your messages in the queue.
If there are no errors in above both steps, there might be an issue in your application end.
It's a bad practice to store AWS credentials in EC2 instances, It's much better to create an IAM role with sqs:receiveMessage permission then attach that IAM role to your EC2 instance.
I am trying to check bucket existence on Amazon S3 using below code:
$credentials = new Aws\Common\Credentials\Credentials($creds['access_key_id'], $creds['secret_access_key']);
$client = Aws\S3\S3Client::factory(array( 'credentials' => $credentials ) );
if( ! $client->doesBucketExist($creds['bucket']) ) {
throw new Exception("Bucket (" . $creds['bucket'] . ") does not exist.");
}
It is working on localhost (wamp) but when I tried this on server it is not working. I am getting following error:
Missing required client configuration options: region: (string) A "region" configuration value is required for the "s3" service (e.g., "us-west-2"). A list of available public regions and endpoints can be found at http://docs.aws.amazon.com/general/latest/gr/rande.html. version: (string) A "version" configuration value is required. Specifying a version constraint ensures that your code will not be affected by a breaking change made to the service. For example, when using Amazon S3, you can lock your API version to "2006-03-01". Your build of the SDK has the following version(s) of "s3": * "2006-03-01" You may provide "latest" to the "version" configuration value to utilize the most recent available API version that your client's API provider can find. Note: Using 'latest' in a production application is not recommended. A list of available API versions can be found on each client's API documentation page: http://docs.aws.amazon.com/aws-sdk-php/v3/api/index.html. If you are unable to load a specific API version, then you may need to update your copy of the SDK.
I don't know why it is not working on server but same code is working on localhost.
I had the same problem and I needed to clear my config cache to fix it.
$ artisan config:clear
Set region explicitly when creating s3 client instead of relying on defaults.
use Aws\Credentials\Credentials;
use Aws\S3\S3Client;
$result = $stsClient->getSessionToken();
$credentials = new Credentials(
$result['Credentials']['AccessKeyId'],
$result['Credentials']['SecretAccessKey'],
$result['Credentials']['SessionToken']
);
$s3Client = new S3Client([
'version' => '2006-03-01',
'region' => 'us-west-2',
'credentials' => $credentials
]);
Check .env file variables are matching with filesystems.php
's3' => [
'driver' => 's3',
'key' => env('S3_KEY'),
'secret' => env('S3_SECRET'),
'region' => env('S3_REGION'),
'bucket' => env('S3_BUCKET'),
],
1) Ensure you have S3_KEY, S3_SECRET, S3_REGION, S3_BUCKET etc configured in your .env file
2) Your environment file might have changed after the autoload/caches were generated. Run:
php artisan config:cache
I am attempting to connect to a DynamoDB hosted on aws using php.
I am currently getting the following error:
Fatal error: Uncaught exception 'Aws\Exception\CredentialsException'
with message 'Error retrieving credentials from the instance profile
metadata server. (cURL error 28: Connection timed out after 1000
milliseconds (see
http://curl.haxx.se/libcurl/c/libcurl-errors.html))' in
C:\wamp\www\Aws\Credentials\InstanceProfileProvider.php on line 79
I've taken this to mean there are issues with my client credentials which I need to use the sdk. My credentials are coded as follows:
$client = new DynamoDbClient([
'profile' => 'my profile',
'region' => 'us-west-2',
'version' => 'latest',
'credentials' => [
'key' => 'my key',
'secret' => 'my secret key',
]
]);
From what I've seen this error usually means there is a problem with the way the credentials are formatted, but as far as I can tell I don't have that issue. I'm currently trying to run this program locally using wamp. I'm not sure what the problem is.
Please try below steps and check if it work correctly :
1) Download aws php sdk here.
2) Unzip and require autoloader.php and use dynamodb client.
require_once 'PATH/TO/aws-autoloader.php';
use Aws\DynamoDb\DynamoDbClient;
3) initiate dynamo db client
try
{
$aws = DynamoDbClient::factory(array(
'key' => $aws_key,
'secret' => $aws_access_key,
'region' => $aws_region
));
echo "Client initiated";
}
catch(Exception $e)
{
echo "Db Client initiation failed ".$e->getMessage();
}
4) Check this for api's
I'm in the process of migrating from Amazon S3 to Google Storage and I can't seem to get my credentials to work. Here's some sample code that I put together to test my credentials:
$client = new S3Client([
'credentials' => [
'key' => 'GOOGxxxxxxxxxxxxxxx',
'secret' => 'ZfcOTxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
],
'region' => 'US',
'version' => 'latest',
'endpoint' => 'https://storage.googleapis.com',
]);
try {
$result = $client->putObject(array(
'Bucket' => 'devtest',
'Key' => 'test',
'Body' => 'Hello world'
));
echo $result['ObjectURL'];
} catch (\Aws\S3\Exception\S3Exception $e) {
// The AWS error code (e.g., )
echo $e->getAwsErrorCode() . "\n";
// The bucket couldn't be created
echo $e->getMessage() . "\n";
}
Here's what I get back:
InvalidSecurity Error executing "PutObject" on "https://storage.googleapis.com/devtest/test"; AWS HTTP error: Client error response [url] https://storage.googleapis.com/devtest/test [status code] 403 [reason phrase] Forbidden InvalidSecurity (client): The provided security credentials are not valid. - InvalidSecurityThe provided security credentials are not valid.
Incorrect Authorization header
I've tried googling 100 different combinations of this issue and can't find anything. I have Interoperability enabled, at least I think I do since I don't think I can get the key/secret without it being enabled first. And I have the Google Storage API enabled.
Any help would be greatly appreciated.
Edit: here's the Authentication Header in case that helps:
AWS4-HMAC-SHA256
Credential=GOOGGUxxxxxxxxxxx/20150611/US/s3/aws4_request,
SignedHeaders=host;x-amz-content-sha256;x-amz-date,
Signature=9c7de4xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I noticed it stays "aws4_request" even when I specify 'signature' => 'v2'. Not sure if that matters.
I took a look at the S3Client code and it doesn't use the 'signature' config key as far as I can tell. The only thing I found was 'signature_version' which when set to v2, I get this error:
Unable to resolve a signature for v2/s3/US. Valid signature versions include v4 and anonymous.
I'm using Laravel 5.1 with composer package aws/aws-sdk-php version 3.0.3
Any ideas?
S3 only supports v4 signatures, and this requirement is enforced by the PHP SDK. It seems that Google Cloud Storage only supports v2 signing, so you wouldn't be able to use the same library to talk to both. Google does provide their own PHP SDK, which might make talking to Cloud Storage a bit easier.