You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Assume an IAM role](https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_assume_role.html).
IAM roles provide applications on the instance with temporary security credentials to make AWS calls. For example, IAM roles offer an easy way to distribute and manage credentials on multiple Amazon EC2 instances.
Upload of images to AWS S3 is working fine, only cache creates cause problem.
Firing up image with filter cache it should create cached image to the AWS S3
Actual result
Uncaught PHP Exception Liip\ImagineBundle\Exception\Imagine\Cache\Resolver\NotStorableException: "The object could not be created on Amazon S3." at /app/vendor/liip/imagine-bundle/Imagine/Cache/Resolver/AwsS3Resolver.php line 133 {"exception":"[object] (Liip\\ImagineBundle\\Exception\\Imagine\\Cache\\Resolver\\NotStorableException(code: 0): The object could not be created on Amazon S3. at /app/vendor/liip/imagine-bundle/Imagine/Cache/Resolver/AwsS3Resolver.php:133)\n[previous exception] [object] (Aws\\S3\\Exception\\S3Exception(code: 0): Error executing \"PutObject\" on \"https://my.s3/my-bucket/small/uploads/product/images/1920/image.jpg\"; AWS HTTP error: Client error: `PUT https://my.s3/my-bucket/small/uploads/product/images/1920/image.jpg` resulted in a `403 Forbidden` response:\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>PGAD0F (truncated...)\n AccessDenied (client): Access Denied - <?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>PGAD0FDNGZFFXV6Q</RequestId><HostId>ekuOedPkd9CiGo5owWlttn3DKbwYx5aVcDSQ2EC0vgv4pmky5ZuIL4TUqHfdddEiG3rzRaDi03k=</HostId></Error> at /app/vendor/aws/aws-sdk-php/src/WrappedHttpHandler.php:195)\n[previous exception] [object] (GuzzleHttp\\Exception\\ClientException(code: 403): Client error: `PUT https://my.s3/my-bucket/small/uploads/product/images/1920/image.jpg` resulted in a `403 Forbidden` response:\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>PGAD0F (truncated...)\n at /app/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:113)"} {"request_id":"552f6c3e-f749-4b00-85d6-baf85465ebfb"
the cache image only works if I'm adding this policy to bucket:
Problem with AWS credentials without key and secret stored in envs. According to that page:
https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html
we have this setup:
Upload of images to AWS S3 is working fine, only cache creates cause problem.
Preconditions
Steps to reproduce
service:
Expected result
Actual result
the cache image only works if I'm adding this policy to bucket:
but this is opening our bucket to world and it is not secured at all.
The same service
storage.aws.client
is used to upload images to S3. Can we use this setup without credentials to create cache ?The text was updated successfully, but these errors were encountered: