dimanche 29 mars 2015

Using IAM credentials in PHP AWS SDK for uploading files to S3

I'm using AWS PHP SDK to upload files to a S3 bucket. When I'm using the root credentials, everything works(the files are uploaded, I can list etc). However, I want to use IAM credentials(key/secret), but I'm getting:



AWS Error Code: SignatureDoesNotMatch, Status Code: 403, AWS Request ID: 4753C8291E073CE9, AWS Error Type: client, AWS Error Message: The request signature we calculated does not match the signature you provided. Check your key and signing method.



This is my IAM policy:



{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1427650841800",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::BUCKETNAME/*"
    }
  ]
}


I've tried applying a general access to all S3 buckets policy but it didn't help.


I tried adding a bucket policy:



{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1427647391802",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::791442585307:user/IAM_USERNAME"
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::BUCKETNAME/*"
        }
    ]
}


But that didn't help either.


This is my CORS configuration for the bucket:



<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://ift.tt/1f8lKAh">
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>POST</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>PUT</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>DELETE</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>
</CORSConfiguration>


Is there anything I need to change or add somewhere? I don't understand what I'm doing wrong.


NOTE: I'm testing everything from a local environment, the application is a Laravel 4 application.





Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)