Error retrieving credentials from the instance profile metadata server with credentials defined in .aws folder
You probably need to move the .aws folder to the home folder of the service (apache) and not your home folder. The aws sdk can't find it and you receive this error. However, it isn't a good idea to use aws configure
inside an EC2 instance.
The http://169.254.169.254/latest/meta-data/ is the meta-data url only available from inside an EC2 instance. For services running in EC2 (or other AWS compute service) you SHOULD NOT use AWS credentials to access services. Instead, you should create an IAM role and add assign it to the instance. From the console, you can do that with the Actions button:
Only assign required permissions to the role (S3 read/write).
Your code ($s3 = new Aws\S3\S3Client
) will try to load the default credentials. It will first try to call the meta-data service and get temporary credentials that correspond to the IAM role permissions.
AWS v3 + PHP: Error retrieving credentials from the instance profile metadata server
Think you have some whitespace in the 'credentials' key in your array.
'credentials ' => array('key'=>KEY,
'secret'=>SECRET)
should be
'credentials' => array('key'=>KEY,
'secret'=>SECRET)
Edit: Try updating your credentials to use Aws' credential object
$credentials = new Aws\Credentials\Credentials(AWS_ACCESS_KEY_ID ,AWS_SECRET_ACCESS_KEY);
$config = array(
'bucket' => BUCKET,
'region' => 'eu-west-3',
'version' => 'latest',
'credentials ' => $credentials
);
Error retrieving credentials from the instance profile metadata server
The error you are getting is a clue:
fopen(http://169.254.169.254/latest/meta-data/iam/security-credentials/):
failed to open stream: Connection timed out
The library is attempting to access the security credentials metadata, but is getting a timeout.
Can you confirm that that URL can be opened from inside the instance? This code should be on a working AWS instance of course, and the metadata URLs should be accessible.
There may be some issue causing that URL to be blocked. Firewall? Security Groups?
Error retrieving credentials from the instance profile metadata server error in AWS SDK
I am not familiar with Cognito, but the error you're seeing is that your code is attempting to access the Instance Metadata available in EC2. The AWS PHP SDK has a specific order in which it attempts to locate credentials. Here is an outline of different credential methods using the PHP SDK.
So, I suspect it works on your local machine because you have an IAM profile configured using the AWS CLI aws configure
command.
It most likely works on your staging server because that server has an IAM Role attached to the EC2 instance. The PHP doesn't find a locally configured IAM profile, so it then skips to attempting to access the EC2 metadata, which it does successfully, so it gets authenticated.
Now, when you deploy to Heroku, it is no longer on an EC2 instance, or in your local environment. So, your CredentialProvider fails. My suggestion would be to utilize Config Vars in Heroku, then change your code to use CredentialProvider::env()
as outlined here. You would need to create an IAM user with the same role as your EC2 instance that works (or enough permissions to do what you need to do). This would allow your application to securely access Cognito from an environment external to AWS.
AWS Error retrieving credentials from the instance profile metadata server
The meta-data of instance-profile credentials is under
http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance
If that is failing it might be an issue with the hypervisor/droplet that your server has been spun up on. This endpoint will give you the last time credentials were refreshed.
'http://169.254.169.254/latest/meta-data/identity-credentials/ec2/info'
If other servers with identical AMI's and availability zones aren't having an issue, I would log a support ticket, terminate and move on.
Related Topics
What Are the Risks of PHP Sessions
Memory Optimization in PHP Array
PHP Warning:Mysqli_Num_Rows() Expects Parameter 1 to Be MySQLi_Result, Object Given
Checking for Empty Arrays: Count VS Empty
How to Design a Hierarchical Role Based Access Control System
How to Integrate Moneybookers in Web Application in PHP
Detect "Overall Average" Color of the Picture
How to Install All Required PHP Extensions for Laravel
Examples of Vulnerable PHP Code
Checking If an Instance's Class Implements an Interface
When to Generate a New Application Key in Laravel
Dyld: Library Not Loaded: /Usr/Local/Lib/Libjpeg.8.Dylib - Homebrew PHP
Email PDF Attachment with PHP Using Fpdf
PHP Error: "The Zip Extension and Unzip Command Are Both Missing, Skipping."
How to Detect and Handle MySQL Warnings with PHP
Multiple Auto Increment in MySQL
Laravel Eloquent: Accessing Properties and Dynamic Table Names