Menu
I created an EC2 Ubuntu instance.
The following is working using the AWS 2.6 SDK for PHP:
$client = DynamoDbClient::factory(array(
'key' => 'xxx',
'secret' => 'xxx',
'region' => 'eu-west-1'
));
I created a credentials file in ~/.aws/credentials.
I put this in /home/ubuntu/.aws/credentials
[default]
aws_access_key_id=xxx
aws_secret_access_key=xxx
Trying the following does not work and gives an InstanceProfileCredentialsException :
$client = DynamoDbClient::factory(array(
'profile' => 'default',
'region' => 'eu-west-1'
));
There is a user www-data and a user ubuntu.
In what folder should I put the credentials file?
292
The credentials file is located at ~/.aws/credentials on Linux or macOS, or at C:\Users\ USERNAME \.aws\credentials on Windows. This file can contain the credential details for the default profile and any named profiles.
The credentials can come from the SDK Store or from the shared AWS credentials file at the default location. This example also uses the Amazon. Runtime. AWSCredentials class.
php use Aws\S3\S3Client; use Aws\Common\Credentials\Credentials; $credentials = new Credentials('YOUR_ACCESS_KEY', 'YOUR_SECRET_KEY'); // Instantiate the S3 client with your AWS credentials $s3Client = S3Client::factory(array( 'credentials' => $credentials ));
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/ . In the navigation pane, choose Users. Choose the name of the user whose access keys you want to create, and then choose the Security credentials tab. In the Access keys section, choose Create access key.
One solution to set the credentials is:
sudo nano /etc/apache2/envvars
add environment variables:
export AWS_ACCESS_KEY_ID="xxx"
export AWS_SECRET_ACCESS_KEY="xxx"
sudo service apache2 restart
After that the following works:
$client = DynamoDbClient::factory(array(
'region' => 'eu-west-1'
));
If you are calling the API from an EC2 instance, you should use IAM roles.
Using IAM roles is the preferred technique for providing credentials to applications running on Amazon EC2. IAM roles remove the need to worry about credential management from your application. They allow an instance to "assume" a role by retrieving temporary credentials from the EC2 instance's metadata server. These temporary credentials, often referred to as instance profile credentials, allow access to the actions and resources that the role's policy allows.
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
