使用 AWS PHP SDK [S3] 打印到 php 页面
Printing out to a php page using AWS PHP SDK [S3]
我正在学习使用 AWS 的 PHP SDK。
我想要实现的是,当某些用户在我的网站上请求 .php 页面时。
example.com/listbuckets.php
该页面应该 return 与我的 IAM 角色关联的存储桶。
这是我的代码:
$s3Client = new S3Client([
'profile' => 'default',
'region' => 'eu-west-1',
'version' => 'latest'
]);
//Listing all S3 Bucket
$buckets = $s3Client->listBuckets();
foreach ($buckets['Buckets'] as $bucket) {
echo $bucket['Name'] . "\n";
}
?>
使用该代码,通过 CLI 或终端,我可以成功地看到我的 S3 存储桶。但是当我通过浏览器请求页面时,它显示 500 Internal Server Error。
我在这里遗漏了什么?
提前致谢。
编辑:
我尝试通过以下方式传递我的 AWS Creds (key/secret):
$credentials = new Aws\Credentials\Credentials('key', 'secret');
$s3 = new Aws\S3\S3Client([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => $credentials
]);
如果通过网络浏览器访问,我仍然无法解析 php 页面,这可能是与 permissions/ownership 相关的问题吗?如果我通过终端执行,即使我可以看到我的桶
php listbuckets.php
编辑2:
我在
上传递了一个新参数
$s3Client = new Aws\S3\S3Client([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => $credentials,
'debug' => true
]);
现在页面正在响应这段文本:
-> Entering step init, name 'idempotency_auto_fill' --------------------------------------------------- command was set to array(3) { ["instance"]=> string(32) "044155c203a162626f000d004ff45d46" ["name"]=> string(11) "ListBuckets" ["params"]=> array(2) { ["@http"]=> array(1) { ["debug"]=> resource(4) of type (stream) } ["@context"]=> array(0) { } } } request was set to array(0) { } -> Entering step init, name 's3.ssec' ------------------------------------- no changes -> Entering step init, name 's3.source_file' -------------------------------------------- no changes -> Entering step init, name 's3.save_as' ---------------------------------------- no changes -> Entering step init, name 's3.location' ----------------------------------------- no changes -> Entering step init, name 's3.auto_encode' -------------------------------------------- no changes -> Entering step init, name 's3.head_object' -------------------------------------------- no changes -> Entering step validate, name 'validation' -------------------------------------------- no changes -> Entering step validate, name 'input_validation_middleware' ------------------------------------------------------------- no changes -> Entering step build, name 'builder' -------------------------------------- request.instance was set to 00fq4442000004ffw2c46 request.method was set to GET request.headers was set to array(2) { ["X-Amz-Security-Token"]=> string(7) "[TOKEN]" ["Host"]=> array(1) { [0]=> string(26) "s3.eu-west-1.amazonaws.com" } } request.scheme was set to https request.path was set to / -> Entering step build, name 'ApiCallMonitoringMiddleware' ---------------------------------------------------------- no changes -> Entering step build, name '' ------------------------------- request.instance changed from e33e626cc to 00dw0sq03c45d46 request.headers.User-Agent was set to array(1) { [0]=> string(50) "aws-sdk-php/3.178.4 OS/Linux/4.19.0-16-cloud-amd64" } -> Entering step build, name 'endpoint_parameter' ------------------------------------------------- no changes -> Entering step build, name 'EndpointDiscoveryMiddleware' ---------------------------------------------------------- no changes -> Entering step build, name 's3.checksum' ------------------------------------------ no changes -> Entering step build, name 's3.content_type' ---------------------------------------------- no changes -> Entering step build, name 's3.endpoint_middleware' ----------------------------------------------------- no changes -> Entering step build, name 's3.bucket_endpoint_arn' ----------------------------------------------------- no changes -> Entering step sign, name 'StreamRequestPayloadMiddleware' ------------------------------------------------------------ no changes -> Entering step sign, name 'invocation-id' ------------------------------------------- request.instance changed from 000003a1626c9002f900025d46 to 0e55j00003a1626cy004ff4r3d46 request.headers.aws-sdk-invocation-id was set to array(1) { [0]=> string(32) "321593e23171d701cdwae9" } -> Entering step sign, name 'retry' ----------------------------------- request.instance changed from dw000qdqd04ff45d46 to 0400411626c4210004445d46 request.headers.aws-sdk-retry was set to array(1) { [0]=> string(3) "0/0" } -> Entering step sign, name 'signer' ------------------------------------ request.instance changed from 02z00004ss2004ff45d46 to 01626d000045d46 request.headers.x-amz-content-sha256 was set to array(1) { [0]=> string(64) "ec44298f9b934ca491b7855" } request.headers.X-Amz-Date was set to array(1) { [0]=> string(16) "25T142413Z" } request.headers.Authorization was set to array(1) { [0]=> string(211) "AWS4-HMAC-SHA256 Credential=[KEY]/20210415/eu-west-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=[SIGNATURE] }
我编辑了一些值,但是来自亚马逊,这个错误与什么有关?
似乎是签名错误
编辑 3:
正如我所说,这似乎是一个签名错误,我比较了两段代码,一段来自浏览器,另一段来自终端,浏览器请求就停在了。
Entering step sign, name 'signer'
当我从 ec2 实例使用我的终端时,我如何才能以与签名相同的方式(通过浏览器)签名?
编辑 4:
我进行了大量管理和搜索,发现我应该使用预签名 URLS。
使用以下代码,我可以授予用户 20 分钟的生命周期 link,这将重定向他并向他显示所有可用的存储桶。
$s3Client = new Aws\S3\S3Client([
'credentials' => $credentials,
'region' => 'eu-west-1',
'version' => '2006-03-01',
]);
$cmd = $s3Client->getCommand('ListBuckets', [
'Bucket' => '*'
]);
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
// Get the actual presigned-url
$presignedUrl = (string)$request->getUri();
echo($presignedUrl);
编辑 5:
如果有人想打印 AWS PHP SDK 生成的 url 的结果,请使用此 php 代码
$result = file_get_contents($presignedUrl);
echo($result);
我终于明白了,所以我要 post 答案!
将代码放在 try/catch 块中。在 catch 中打印错误消息。
您是否已经安装了 composer?
PHP?
中激活的所有错误输出
所以整点是正确的,但我执行错了,我向任何正在学习 AWS PHP SDK 的人推荐这个 article 这样 he/she 可以更好地理解这个概念从 browser/client.
制作预签名网址
让我们分解一下这个问题,
场景是,当有人请求我的 listbuckets.php 页面时,该页面应该打印出我所有的 S3 存储桶。好的
需要的东西:
1- AWS 账户
2- EC2实例
3- S3 桶
4- 通过 SSH 访问 EC2
5- EC2 上的 Composer
6- AWS PHP SDK 安装在您的网络项目的根目录中。
当你拥有所有这些东西时,如果你想从任何对 AWS 资源有效的用户发出匿名请求,你应该使用 presigned-urls.
转到您的listbuckets.php。
代码:
//Key and Secret are variables that you get from your IAM Acces Management
$credentials = new Aws\Credentials\Credentials('KEY','SECRET');
//Create an S3 Client to communicate with AWS.
$s3Client = new Aws\S3\S3Client([
'credentials' => $credentials,
'region' => 'eu-west-1',
'version' => '2006-03-01',
]);
//Here we specify the command that we want to execute on our AWS resource.
//ListBuckets, Put object...
//We tell with * to List **all** the buckets
$cmd = $s3Client->getCommand('ListBuckets', [
'Bucket' => '*'
]);
//We make the request, including the command we want to execute and the lifespan //of the url. It will be available only 20min, 10min... Whatever you want.
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
// Get the actual presigned-url, with this URL can make the request to AWS and it will be valid, we will be requesting AWS to LIST ALL my S3 buckets.
$presignedUrl = (string)$request->getUri();
echo($presignedUrl . "<br>");
echo "<br>";
//What we are going to get, is an XML file, from that file we want (in my case) //the name only so...
$xml = simplexml_load_file($presignedUrl);
//echo $xml->Buckets->Bucket->Name;
foreach ($xml->Buckets->Bucket as $namee)
{
echo $namee->Name . "\n";
}
使用这段代码,每当有人询问 listbucket.php,在后端,它会生成一个有效的 aws 请求,并打印出该请求的响应名称。
就是这样:)
我正在学习使用 AWS 的 PHP SDK。
我想要实现的是,当某些用户在我的网站上请求 .php 页面时。
example.com/listbuckets.php
该页面应该 return 与我的 IAM 角色关联的存储桶。
这是我的代码:
$s3Client = new S3Client([
'profile' => 'default',
'region' => 'eu-west-1',
'version' => 'latest'
]);
//Listing all S3 Bucket
$buckets = $s3Client->listBuckets();
foreach ($buckets['Buckets'] as $bucket) {
echo $bucket['Name'] . "\n";
}
?>
使用该代码,通过 CLI 或终端,我可以成功地看到我的 S3 存储桶。但是当我通过浏览器请求页面时,它显示 500 Internal Server Error。
我在这里遗漏了什么?
提前致谢。
编辑: 我尝试通过以下方式传递我的 AWS Creds (key/secret):
$credentials = new Aws\Credentials\Credentials('key', 'secret');
$s3 = new Aws\S3\S3Client([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => $credentials
]);
如果通过网络浏览器访问,我仍然无法解析 php 页面,这可能是与 permissions/ownership 相关的问题吗?如果我通过终端执行,即使我可以看到我的桶
php listbuckets.php
编辑2: 我在
上传递了一个新参数$s3Client = new Aws\S3\S3Client([
'version' => 'latest',
'region' => 'eu-west-1',
'credentials' => $credentials,
'debug' => true
]);
现在页面正在响应这段文本:
-> Entering step init, name 'idempotency_auto_fill' --------------------------------------------------- command was set to array(3) { ["instance"]=> string(32) "044155c203a162626f000d004ff45d46" ["name"]=> string(11) "ListBuckets" ["params"]=> array(2) { ["@http"]=> array(1) { ["debug"]=> resource(4) of type (stream) } ["@context"]=> array(0) { } } } request was set to array(0) { } -> Entering step init, name 's3.ssec' ------------------------------------- no changes -> Entering step init, name 's3.source_file' -------------------------------------------- no changes -> Entering step init, name 's3.save_as' ---------------------------------------- no changes -> Entering step init, name 's3.location' ----------------------------------------- no changes -> Entering step init, name 's3.auto_encode' -------------------------------------------- no changes -> Entering step init, name 's3.head_object' -------------------------------------------- no changes -> Entering step validate, name 'validation' -------------------------------------------- no changes -> Entering step validate, name 'input_validation_middleware' ------------------------------------------------------------- no changes -> Entering step build, name 'builder' -------------------------------------- request.instance was set to 00fq4442000004ffw2c46 request.method was set to GET request.headers was set to array(2) { ["X-Amz-Security-Token"]=> string(7) "[TOKEN]" ["Host"]=> array(1) { [0]=> string(26) "s3.eu-west-1.amazonaws.com" } } request.scheme was set to https request.path was set to / -> Entering step build, name 'ApiCallMonitoringMiddleware' ---------------------------------------------------------- no changes -> Entering step build, name '' ------------------------------- request.instance changed from e33e626cc to 00dw0sq03c45d46 request.headers.User-Agent was set to array(1) { [0]=> string(50) "aws-sdk-php/3.178.4 OS/Linux/4.19.0-16-cloud-amd64" } -> Entering step build, name 'endpoint_parameter' ------------------------------------------------- no changes -> Entering step build, name 'EndpointDiscoveryMiddleware' ---------------------------------------------------------- no changes -> Entering step build, name 's3.checksum' ------------------------------------------ no changes -> Entering step build, name 's3.content_type' ---------------------------------------------- no changes -> Entering step build, name 's3.endpoint_middleware' ----------------------------------------------------- no changes -> Entering step build, name 's3.bucket_endpoint_arn' ----------------------------------------------------- no changes -> Entering step sign, name 'StreamRequestPayloadMiddleware' ------------------------------------------------------------ no changes -> Entering step sign, name 'invocation-id' ------------------------------------------- request.instance changed from 000003a1626c9002f900025d46 to 0e55j00003a1626cy004ff4r3d46 request.headers.aws-sdk-invocation-id was set to array(1) { [0]=> string(32) "321593e23171d701cdwae9" } -> Entering step sign, name 'retry' ----------------------------------- request.instance changed from dw000qdqd04ff45d46 to 0400411626c4210004445d46 request.headers.aws-sdk-retry was set to array(1) { [0]=> string(3) "0/0" } -> Entering step sign, name 'signer' ------------------------------------ request.instance changed from 02z00004ss2004ff45d46 to 01626d000045d46 request.headers.x-amz-content-sha256 was set to array(1) { [0]=> string(64) "ec44298f9b934ca491b7855" } request.headers.X-Amz-Date was set to array(1) { [0]=> string(16) "25T142413Z" } request.headers.Authorization was set to array(1) { [0]=> string(211) "AWS4-HMAC-SHA256 Credential=[KEY]/20210415/eu-west-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=[SIGNATURE] }
我编辑了一些值,但是来自亚马逊,这个错误与什么有关? 似乎是签名错误
编辑 3:
正如我所说,这似乎是一个签名错误,我比较了两段代码,一段来自浏览器,另一段来自终端,浏览器请求就停在了。
Entering step sign, name 'signer'
当我从 ec2 实例使用我的终端时,我如何才能以与签名相同的方式(通过浏览器)签名?
编辑 4: 我进行了大量管理和搜索,发现我应该使用预签名 URLS。 使用以下代码,我可以授予用户 20 分钟的生命周期 link,这将重定向他并向他显示所有可用的存储桶。
$s3Client = new Aws\S3\S3Client([
'credentials' => $credentials,
'region' => 'eu-west-1',
'version' => '2006-03-01',
]);
$cmd = $s3Client->getCommand('ListBuckets', [
'Bucket' => '*'
]);
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
// Get the actual presigned-url
$presignedUrl = (string)$request->getUri();
echo($presignedUrl);
编辑 5: 如果有人想打印 AWS PHP SDK 生成的 url 的结果,请使用此 php 代码
$result = file_get_contents($presignedUrl);
echo($result);
我终于明白了,所以我要 post 答案!
将代码放在 try/catch 块中。在 catch 中打印错误消息。
您是否已经安装了 composer?
PHP?
中激活的所有错误输出所以整点是正确的,但我执行错了,我向任何正在学习 AWS PHP SDK 的人推荐这个 article 这样 he/she 可以更好地理解这个概念从 browser/client.
制作预签名网址让我们分解一下这个问题, 场景是,当有人请求我的 listbuckets.php 页面时,该页面应该打印出我所有的 S3 存储桶。好的
需要的东西: 1- AWS 账户 2- EC2实例 3- S3 桶 4- 通过 SSH 访问 EC2 5- EC2 上的 Composer 6- AWS PHP SDK 安装在您的网络项目的根目录中。
当你拥有所有这些东西时,如果你想从任何对 AWS 资源有效的用户发出匿名请求,你应该使用 presigned-urls.
转到您的listbuckets.php。
代码:
//Key and Secret are variables that you get from your IAM Acces Management
$credentials = new Aws\Credentials\Credentials('KEY','SECRET');
//Create an S3 Client to communicate with AWS.
$s3Client = new Aws\S3\S3Client([
'credentials' => $credentials,
'region' => 'eu-west-1',
'version' => '2006-03-01',
]);
//Here we specify the command that we want to execute on our AWS resource.
//ListBuckets, Put object...
//We tell with * to List **all** the buckets
$cmd = $s3Client->getCommand('ListBuckets', [
'Bucket' => '*'
]);
//We make the request, including the command we want to execute and the lifespan //of the url. It will be available only 20min, 10min... Whatever you want.
$request = $s3Client->createPresignedRequest($cmd, '+20 minutes');
// Get the actual presigned-url, with this URL can make the request to AWS and it will be valid, we will be requesting AWS to LIST ALL my S3 buckets.
$presignedUrl = (string)$request->getUri();
echo($presignedUrl . "<br>");
echo "<br>";
//What we are going to get, is an XML file, from that file we want (in my case) //the name only so...
$xml = simplexml_load_file($presignedUrl);
//echo $xml->Buckets->Bucket->Name;
foreach ($xml->Buckets->Bucket as $namee)
{
echo $namee->Name . "\n";
}
使用这段代码,每当有人询问 listbucket.php,在后端,它会生成一个有效的 aws 请求,并打印出该请求的响应名称。
就是这样:)