dongmei5168 2015-06-03 17:38
浏览 85
已采纳

AWS PHP SDK凭据错误S.

I get the following error when trying to create an SNSClient object.

InstanceProfileCredentialsException in InstanceMetadataClient.php line 85: Error retrieving credentials from the instance profile metadata server. When you are not running inside of Amazon EC2, you must provide your AWS access key ID and secret access key in the "key" and "secret" options when creating a client or provide an instantiated Aws\Common\Credentials\CredentialsInterface object. (Client error response
[status code] 404
[reason phrase] Not Found
[url] http://169.254.169.254/latest/meta-data/iam/security-credentials/)

I don't understand why I have this error when I have my aws.php in the config folder of my laravel setup. Here the access key and secret key are stored.

I don't really like this since this causes my credentials to be stored in the folder setup where other's may SFTP into.

What I also have is the aws credentials and config files in my server root folder, in a path like this: ~/.aws/ but for some reason the application is not happy.

Here's what my code looks like:

public function about(){

    // Instantiate a client with the credentials from the project1 profile
    $snsClient = SnsClient::factory(array(
            'profile' => 'default',
            'region'  => 'us-west-2',
        ));

    // Get the application's endpoints

    $iOS_AppArn = "arn:aws:sns:us-west-2:235418406768:app/APNS_SANDBOX/ClashTarget";

    $iOS_model = $snsClient->listEndpointsByPlatformApplication(array('PlatformApplicationArn' => $iOS_AppArn));
}

Note that I am using the default profile which should take the credentials from the root aws directory where the config and credential files are stored.

For now, as a temporary solution I did this: http://blog.ianholden.com/aws-s3-with-php-on-apache/ which makes everything work but I'm not happy having my credential keys living in the application code. It doesn't feel right.

Can someone guide me in getting this error resolved please?

Update 1: Comment: What is the content of config at ~/.aws/ This is the content of the config file in the ~/.aws/ folder

[default]
output = json
region = us-west-2
  • 写回答

3条回答 默认 最新

  • douxingmou4533 2015-06-03 21:27
    关注

    Your ~/.aws/credentials file should look like this:

    [default]
aws_access_key_id = YOUR_AWS_ACCESS_KEY_ID
aws_secret_access_key = YOUR_AWS_SECRET_ACCESS_KEY

[project1]
aws_access_key_id = ANOTHER_AWS_ACCESS_KEY_ID
aws_secret_access_key = ANOTHER_AWS_SECRET_ACCESS_KEY

    The following function is used by the library to determine the directory in which to look for the .aws/credentials file:

    private static function getHomeDir()
{
    // On Linux/Unix-like systems, use the HOME environment variable
    if ($homeDir = getenv('HOME')) {
        return $homeDir;
    }
    // Get the HOMEDRIVE and HOMEPATH values for Windows hosts
    $homeDrive = getenv('HOMEDRIVE');
    $homePath = getenv('HOMEPATH');
    return ($homeDrive && $homePath) ? $homeDrive . $homePath : null;
}

    As you can see, if the HOME or the HOMEDRIVE and HOMEPATH environment variables are not set, the library will not be able to find your credentials file.

    In addition to being able to find the file, it also needs to be readable by PHP, and in an INI format (as described above).

    Edit

    From comments, it sounds like the HOME environment variable is not set. Because of this, the library cannot find your credentials file. There are a few options for where to go from here.

    Option 1:

    Fix your server so that the HOME environment variable is set correctly. You will need to do some research on the best way to do this, as the solution may be highly dependent on server/apache/php configurations...

    Option 2:

    Since you're using Laravel 5, you can add your credentials to your .env file, and then access them in the code. So, for example, add the following two lines to the end of your .env file:

    AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY

    Now, in your code, you can do:

    public function about() {
    // add "use Aws\Credentials\Credentials;" at the top of your file

    // the env() method reads the values from the .env file. ideally you should never
    // use the env() method outside of a config file, though, so I'd suggest adding
    // a new config file that uses the env statements and using the config here.
    $credentials = new Credentials(env('AWS_ACCESS_KEY_ID'), env('AWS_SECRET_ACCESS_KEY'));

    // if using the 'credentials' key, do not use the 'profile' key
    $snsClient = SnsClient::factory(array(
        'region'  => 'us-west-2',
        'credentials' => $credentials
    ));
}

    Option 3:

    Call the CredentialProvider::ini() method yourself and pass in the profile and full path to your ini file. This will bypass the need for the library to try and determine the home directory.

    public function about() {
    // add "use Aws\Credentials\CredentialProvider;" at the top of your file

    // the first parameter is the profile, the second parameter is the full path to
    // your credentials file. You may want to add this to your .env file, and
    // access using env()/config() instead of hardcoding here, though.
    $credentials = CredentialProvider::ini('default', '/root/.aws/credentials');

    // if using the 'credentials' key, do not use the 'profile' key
    $snsClient = SnsClient::factory(array(
        'region'  => 'us-west-2',
        'credentials' => $credentials
    ));
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?