昨天凭证工作正常。昨晚我重新启动了apache(我唯一能想到的可能就是原因)。今天我收到了这个错误:
无法从vendor / aws / aws-sdk-php / src / Credentials / CredentialProvider.php中的/root/.aws/credentials读取凭据
我正在使用的PHP代码是
$s3Client = $s3Client ?? S3Client::factory(array(
'profile' => 'my_profile',
'region' => 'us-west-2',
'version' => '2006-03-01'
));
和我的.aws/credentials文件看起来像
[my_profile]
aws_access_key_id = KEY_ID
aws_secret_access_key = KEY
其中KEY_ID和KEY是我实际文件中的真实值。
非常感谢任何帮助。
答案 0 :(得分:0)
AWS凭证类似乎对于拥有“HOME”环境变量有点挑剔。以下是一些有助于解析凭证文件路径并相应设置“HOME”环境变量的函数。
/**
* determine path to credentials file
* @return string
* */
protected function _getCredentialsPath(){
// https://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/credentials.html#credential-profiles
$credentials_path = '';
$current_user = get_current_user();
$credentials_file = '.aws/credentials';
$possible_paths = array( '/Users/%s/%s', '/home/%s/%s' );
forEach( $possible_paths AS $check_path ){
$check_credentials_path = sprintf( $check_path, $current_user, $credentials_file );
if( file_exists( $check_credentials_path ) ){
$credentials_path = realpath( $check_credentials_path );
break;
}
}
// set the HOME environment variable if missing
if( empty( getenv( 'HOME' ) ) && ! empty( $credentials_path ) ){
$directory = pathinfo( $credentials_path, PATHINFO_DIRNAME );
$exploded_path = explode( DIRECTORY_SEPARATOR, $directory );
array_pop( $exploded_path ); // remove .aws directory from end
$home_path = implode( DIRECTORY_SEPARATOR, $exploded_path );
putenv( "HOME={$home_path}" );
}
return $credentials_path;
}
/**
* get the aws sqs client
* @return \Aws\Sqs\SqsClient
* */
protected function _getAwsSqsClient(){
if( empty( $this->_aws_sqs_client ) ){
// SDK Version 3 Syntax
$credential_profile = $this->_aws_sqs_profile;
$credential_path = $this->_getCredentialsPath();
$credential_provider = CredentialProvider::ini( $credential_profile, $credential_path );
$credential_provider = CredentialProvider::memoize( $credential_provider );
// http://docs.aws.amazon.com/aws-sdk-php/v3/api/api-sqs-2012-11-05.html
$sdk = new \Aws\Sdk(
array(
'region' => $this->_aws_region,
'version' => $this->_aws_sdk_version,
'profile' => $this->_aws_sqs_profile,
'credentials' => $credential_provider,
)
);
$sqs_client = $sdk->createSqs();
$this->_aws_sqs_client = $sqs_client;
try{
$response = $sqs_client->getQueueUrl( array( 'QueueName' => self::AMAZON_SQS_QUEUE_NAME ) );
}
catch( \Exception $e ){
echo "home: ",getenv('HOME'),"<br />";
echo "credential profile: ",$credential_profile,"<br />";
echo "credential path: ",$credential_path,"<br />";
echo "<pre style='color:purple'>credential provider: "; var_dump( $credential_provider ); echo "</pre>\n<br />";
$file_handle = fopen( $credential_path, 'r' );
echo "credential content: <pre style='color:blue;'>",fread( $file_handle, filesize( $credential_path ) ),"</pre>\n<br />";
echo "<pre style='color:red;'>"; var_dump( $e->getMessage() ); echo "</pre>\n";
die(__FILE__.__LINE__);
}
$this->_aws_queue_url = $response->QueueUrl;
}
return $this->_aws_sqs_client;
}
答案 1 :(得分:0)
不知道这是不是你的问题,但我遇到了类似的问题,结果证明aws configure中的某些应用所期望的“.ini样式”凭据文件(由AWS_CONFIG_FILE生成)但是,它与AWS CLI应用程序(例如ec2-describe-instances)不兼容,期望AWS_CREDENTIAL_FILE指向格式略有不同的文件:
AWSAccessKeyId=...
AWSSecretKey=...
AWSRegion=...