Issue
I'm using Laravel 7, I have a scenario where the credentials are not present in code, i.e (ENV file), they are loaded in runtime from IAM role.
Here, when the Storage facade is used, it works absolutely fine, i.e, it is able to resolve where from to load the credentials.
Example: Storage::disk('s3')->put($filePath, $data); OR Storage::disk('s3')->get($filePath);
But other way around when I'm using S3Client, it starts looking for /var/www/.aws/credentials file
Example:
$s3Client = new S3Client([
'profile' => 'default',
'region' => Config::get('filesystems.disks.customDisk.region'),
'version' => 'latest',
]);
$cmd = $s3Client->getCommand('GetObject', [
'Bucket' => Config::get('filesystems.disks.customDisk.bucket'),
'Key' => $path
]);
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
$filePath = (string) $request->getUri();
The above code starts searching for credentials in credentials file.
As a workaround, I tried this, but no success. Please help me out. Thanks in advance.
$s3Client = new S3Client([
'profile' => 'default',
'region' => Config::get('filesystems.disks.customDisk.region'),
'version' => 'latest',
'credentials' => \Aws\Credentials\CredentialProvider::defaultProvider()
]);
Solution
The AWS client will follow the credentials chain provider to establish a connection:
- System properties
- Environment variables
- Web identity token from AWS Security Token Service
- The shared credentials and config files
- Amazon ECS container credentials
- Amazon EC2 instance IAM role-provided credentials
However, I believe your parameters are forcing it to look in the credentials file because you state profile: default. I suggest removing this parameter as if the credentials exist in the chain it will choose default regardless.
Answered By - Leeroy Hannigan Answer Checked By - Marilyn (WPSolving Volunteer)
