I'm using the following code to generate my signature for a direct to S3 upload (using sig v4 because the bucket is in Frankfurt):
$s3 = S3Client::factory(array(
'key' => Configure::read('Aws.key'),
'secret' => Configure::read('Aws.secret'),
'region' => Configure::read('Aws.region'),
'signature' => 'v4'
)
);
$postObject = new \Aws\S3\Model\PostObject($s3, Configure::read('Aws.bucket'),
array('acl' => 'public-read'));
$form = $postObject->prepareData()->getFormInputs();
$this->set('policy', $form['policy']);
$this->set('signature', $form['signature']);
However, the end result of a POST is always an XML response containing this message:
The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
Can anyone see what I might be doing wrong?
Related
I am sending file to AWS s3 using PHP SDK. I installed SDK using
composer require aws/aws-sdk-php
I am using following code
require_once('vendor/autoload.php');
$s3 = new Aws\S3\S3Client([
'region' => AWS_REGION,
'version' => 'latest',
'credentials' => [
'key' => AWS_ACCESS_KEY_ID,
'secret' => AWS_SECRET_ACCESS_KEY,
]
]);
$result = $s3->putObject([
'Bucket' => AWS_BUCKET,
'Key' => $filename,
'SourceFile' => $fileFullPath
]);
Following response, I am getting
I am trying to get status code from this response and tried different ways, but I could not get status code.
You are returned an object with a private array called "data" but you are also able to just call the data by attribute. So using $result['#metadata']['statusCode'] works just fine.
$result['#metadata']['statusCode'] == 200
According to your example.
Worked fine for me
$result['#metadata']['statusCode'] == 200
We're using the latest PHP AWS S3 SDK.
We've been given a ARN Bucket name
eg:
arn:aws:s3:::project-s3-eu-west-2-d-app-uploads
Using the PHP Code, we're trying:
<?php
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
$s3 = new S3Client([
'version' => 'latest',
'region' => 'eu-west-2',
'use_arn_region' => TRUE, // or FALSE
]);
$s3->putObject([
'Bucket' => 'arn:aws:s3:::project-s3-eu-west-2-d-app-uploads',
// 'Bucket' => 'project-s3-eu-west-2-d-app-uploads.s3.eu-west-2.amazonaws.com', // this did not work
'Key' => 'random-unique-name.ext',
'Body' => fopen('/local/file/path/name.ext', 'r'),
'ACL' => ACL_PUBLIC_READ,
]);
?>
But - no matter what we try, we get the following error:
Bucket parameter parsed as ARN and failed with: Provided ARN was not a valid S3 access point ARN or S3 Outposts access point ARN.
Have you used an ARN for auth, not a Key/Secret?
Thanks
I'm trying to create signed urls from cloudfront with aws-sdk-php
I have created both Distributions WEB and RTMP
and this is the code i used to do that
this is start.php
<?php
require 'vendor/autoload.php';
use Aws\S3\S3Client;
use Aws\CloudFront\CloudFrontClient;
$config = require('config.php');
// S3
$client = new Aws\S3\S3Client([
'version' => 'latest',
'region' => 'us-east-2',
]);
// CloudFront
$cloudfront = CloudFrontClient::factory([
'version' => 'latest',
'region' => 'us-east-2',
]);
and this is config.php
<?php
return [
's3'=>[
'key' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'bucket' => 'hdamovies',
'region' => 'us-east-2',
],
'cloudFront' => [
'url' => 'https://d2t7o0s69hxjwd.cloudfront.net',
],
];
and this is index.php
<?php
require 'config/start.php';
$video = 'XXXXXXXXXXX.mp4';
$expiry = new DateTime( '+1 hour' );
$url = $cloudfront->getSignedUrl([
'private_key' => 'pk-XXXXXXXXXXXXXXXXXXXXX.pem',
'key_pair_id' => 'XXXXXXXXXXXXXXXXXXXXX',
'url' => "{$config['cloudFront']['url']}/{$video}",
'expires' => strtotime('+10 minutes'),
]);
echo "Downlod";
When i click on the link i get that error
<Error>
<Code>KMS.UnrecognizedClientException</Code>
<Message>No account found for the given parameters</Message>
<RequestId>0F0A772FE67F0503</RequestId>
<HostId>juuIQZKHb1pbmiVkP7NVaKSODFYmBtj3T9AfDNZuXslhb++LcBsw9GNjpT0FG8MxgeQGqbVo+bo=</HostId></Error>
What is the problem here and how can i solve that?
CloudFront does not support downloading objects that were stored, encrypted, in S3 using KMS Keys, apparently because the CloudFront Origin Access Identity is not an IAM user, so it's not possible to authorize it to have the necessary access to KMS.
https://forums.aws.amazon.com/thread.jspa?threadID=268390
I had this issue and had it resolved after setting up the correctly Identities. However, I had a lot of issues with the error even after setting things up correctly. This was because I was attempting to download a file that was originally uploaded when the bucket was KMS encrypted, then later when I changed it to SSE-S3, it still was throwing a KMS error.
After reuploading the file, it seemed to work without any issues. Hope this helps someone else
I'm currently struggling with getting a S3 download link working. I've been using this code as reference but when I try to open the file, I get the error:
The authorization mechanism you have provided is not supported. Please
use AWS4-HMAC-SHA256.
I tried a few other scripts floating around, but all ended with some other error message.
Is there an easy way to migrate the script I'm using to make it work with Signature v4?
UPDATE: as suggested by hjpotter92, I used the AWS-SDK and came up with this working code:
$client = S3Client::factory([
'version' => 'latest',
'region' => 'eu-central-1',
'signature' => 'v4',
'credentials' => [
'key' => '12345',
'secret' => 'ABCDE'
]
]);
$cmd = $client->getCommand('GetObject', [
'Bucket' => '###name###',
'Key' => $fileName
]);
$request = $client->createPresignedRequest($cmd, '+2 minutes');
$presignedUrl = (string) $request->getUri();
return $presignedUrl;
I'm trying to understand amazon php sdk for AWS but I really can't use it.
I find some basic classes to create, display and push topic but I doesn't work either.
I just want to find a way (the simplest way) to push a topic from my website.
First and foremost, to get acquainted with Amazon Simple Notification Service (SNS), I recommend to perform all required step manually once via the AWS Management Console as explained in the Getting Started Guide, i.e. Create a Topic, Subscribe to this Topic and Publish a message to it.
Afterwards it should be fairly straight forward to facilitate the sample fragments provided in the documentation of the AWS SDK for PHP running, see e.g. method publish() within class AmazonSNS:
$sns = new AmazonSNS();
// Get topic attributes
$response = $sns->publish(
'arn:aws:sns:us-east-1:9876543210:example-topic',
'This is my very first message to the world!',
array(
'Subject' => 'Hello world!'
)
);
// Success?
var_dump($response->isOK());
For a more complete example you might want to check out the the example provided in Sending Messages Using SNS [...].
If none of this works out, you'll have to provide more details regarding the specific problems you are encountering, as requested by tster already.
Good luck!
As told to you by #SteffenOpel, you should once try to perform all required steps manually once via the AWS Management Console.
Then you may use the AWS SDK for PHP(v3) as below to create the SNS client(or infact any service's client, surely with some changes) and then to create a SNS Topic.
<?php
//assuming that use have downloaded the zip file for php sdk
require 'C:/wamp/www/aws sdk/aws-autoloader.php'; //Change the path according to you
use Aws\Sns\SnsClient;
try{
/*-------------METHOD 1----------------*/
// Create a new Amazon SNS client using AWS v3
//$sns = new Aws\Sns\SnsClient([
$sns = new SnsClient([
'region' => 'us-west-2', //Change according to you
'version' => '2010-03-31', //Change according to you
'credentials' => [
'key' => '<Your root AWS Key',
'secret' => '<Your root AWS Secret>',
],
'scheme' => 'http', //disables SSL certification, there was an error on enabling it
]);
$result = $sns -> createTopic([
'Name' => '<Your Topic>',
]);
/*-------------METHOD 2----------------*/
/*
// Create a new Amazon SNS client using AWS v2
$sns = SnsClient::factory(array(
'region' => 'us-west-2',
'version' => '2010-03-31',
'credentials' => [
'key' => '<Your root AWS Key',
'secret' => '<Your root AWS Secret>',
],
'scheme' => 'http',
));
$result = $sns -> createTopic([
'Name' => '<Your Topic>',
]);
*/
/*-------------METHOD 3----------------*/
/*
// Create a new Amazon SNS client using AWS SDK class
// Use the us-west-2 region and latest version of each client.
$sharedConfig = [
'region' => 'us-west-2',
'version' => '2010-03-31',
'credentials' => [
'key' => '<Your root AWS Key',
'secret' => '<Your root AWS Secret>',
],
//'ssl.certificate_authority' => '/path/to/updated/cacert.pem',
'scheme' => 'http',
];
// Create an SDK class used to share configuration across clients.
$sdk = new Aws\Sdk($sharedConfig);
$sns = $sdk -> createSns();
$result = $sns -> createTopic([
'Name' => '<Your Topic>',
]);
*/
if ($result)
echo "Yes";
else
echo "No";
}
catch(Exception $e){
echo 'Caught Exception: ', $e->getMessage(), "\n";
}
?>
NOTE: This code illustrates creating the client for SNS in three different methods.
You may uncomment and use one according to your need.
Method 1 (version 3) is the best if you're creating a single client, else use Method 3. Method 2 is soon gonna depreciate (as its version 2)
I success to do it by using this classes->
Amazon-SNS-client-for-PHP
Very good, easy to use and working just great.
According to the AWS official docs here, we will have to create a SnsClient and call it's publish method. You can get topic's ARN from AWS console.
$SnSclient = new SnsClient([
'profile' => 'default',
'region' => 'us-east-1',
'version' => '2010-03-31'
]);
$message = 'This message is sent from a Amazon SNS code sample.';
$topic = 'arn:aws:sns:us-east-1:111122223333:MyTopic';
try {
$result = $SnSclient->publish([
'Message' => $message,
'TopicArn' => $topic,
]);
var_dump($result);
} catch (AwsException $e) {
// output error message if fails
error_log($e->getMessage());
}