Login/Register
Error retrieving credentials from the instance profile metadata server. Laravel S3
Asked Answered
phplaravelamazon-s3
A

5

12

Issue

The same code, on almost identical servers, fails locally and on production, however works on our staging server. When we attempt to interact with an item in a bucket, we get an Error retrieving credentials.... - Both servers, staging and production, are deployed by Envoyer and provisioned by Forge to AWS EC2 instances. - Both instances hit the same bucket with the same bucket policy. - .env settings are same for all, minus the server name and debugging

Error on production:

Aws\Exception\CredentialsException
Error retrieving credentials from the instance profile metadata server. (cURL error 28: Connection timed out after 1003 milliseconds (see http://curl.haxx.se/libcurl/c/libcurl-errors.html))

Server settings

Staging

  • Ubuntu 16.04.2 LTS on AWS
  • PHP 7.1.3-3
  • NPM 3.10.10
  • Node v6.10.1

Production

  • Ubuntu 16.04.1 LTS on AWS EC2
  • PHP 7.1.6-1
  • npm 3.10.10
  • Node v6.10.1

Composer.json packages

"laravel/framework": "5.4.*",       // 5.4.25
"aws/aws-sdk-php-laravel": "~3.0",  // 3.1.0
"guzzlehttp/guzzle": "~6.0",        // 6.2.3

Code sample

function getPhoto($personID)
{
   $contents   = '';
   $id         = $personID;
   $cloudFront = env('AWS_CLOUDFRONT_PHOTO'); // d212rosgvhtylp.cloudfront.net
   $fileKey    = filePath($id) . '_t.jpg'; // 9ae299a1990e79d62f07c28bb60ecf6f_t.jpg
   $fileURL    = $cloudFront . '/' . filePath($id) . '_t.jpg'; // d212rosgvhtylp.cloudfront.net/9ae299a1990e79d62f07c28bb60ecf6f_t.jpg
   // check if in remote storage then get contents
   $contents = Storage::disk('s3photo')->get($fileKey); /* ****** FAILS HERE ****** */
   // stream bioPhoto
   header('Content-Type: image/jpeg');
  echo $contents;
}
Amphitheater answered 22/6, 2017 at 15:11 Comment(3)
Refer this link forums.aws.amazon.com/thread.jspa?threadID=193102Valiancy
Thanks for the help. I saw that article prior posing this and made those adjustments to match that code. The servers are still running the same code base.Amphitheater
Possible duplicate of AWS SDK for PHP: Error retrieving credentials from the instance profile metadata serverArmandinaarmando
P
13

After ensuring your .env files contain the correct values for the AWS client, run the following command:

php artisan config:clear

This should clear up your issue if it is caused by initially having incorrect or missing env data, not sure when the cache is updated on it's own but the config cache seems to be pretty persistent.

Perigee answered 12/10, 2017 at 20:38 Comment(2)
after running the config:clear command I was able to interact with AWS via tinker but my commands were still failing with this error until I rebooted the serverPerigee
After much searching, this is what I needed. I was SURE my AWS credentials were correct in my .env and they were but I needed to run the command you posted above. Thanks!Spay
H
5

I encountered this issue after I accedentially had entered the AWS_ACCESS_KEY_ID in the .env file twice.

.env:

AWS_ACCESS_KEY_ID=MYREALID
AWS_SECRET_ACCESS_KEY=myrealkey

...
...a lot of variables..
...

AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=

The AWS sdk therefor tries to search for these credentials elsewhere, at that's have the error occures.

Haight answered 2/3, 2020 at 17:17 Comment(1)
Oh my god, same! You saved my christmas eve ;)Hartebeest
S
1

I recently had this problem. In my case, it worked locally and not on the EC2 instance. I did not understand too much. In the end I realized that I had set up IAM locally in the default folder ~/.aws/credentials, so in local everything was good. So I poked in the laravel sources and I noticed that laravel was going to take the connection configs in the file services.php config folder.

Edit config/services.php and put in the AWS IAM keys. 

'mailgun' => [
    'domain' => env('MAILGUN_DOMAIN'),
    'secret' => env('MAILGUN_SECRET'),
],

'ses' => [
    'key' => env('AWS_KEY'),
    'secret' => env('AWS_SECRET'),
    'region' => env('AWS_REGION'),
],

'sparkpost' => [
    'secret' => env('SPARKPOST_SECRET'),
],

'stripe' => [
    'model' => App\User::class,
    'key' => env('STRIPE_KEY'),
    'secret' => env('STRIPE_SECRET'),
],

So I saw that my .env file did not have the AWS IAM login keys, those called in the config /services.php file.

After a small adjustment everything works great.

Sarracenia answered 31/10, 2017 at 13:30 Comment(0)
T
1

This issue may occur if you are passing the wrong ENV variables, check your config/filesystems.php: 

'key'    => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url'    => env('AWS_URL'),

See: https://github.com/laravel/laravel/blob/master/config/filesystems.php#L60

And make sure the keys are matching in your .env.

Pretty sure they changed the name in the last couple updates.

Tineid answered 5/1, 2019 at 5:42 Comment(0)
I
0

Also worth noting. It seems like if you run Laravel within a devcontainer, any environment variables you specify in the container's environment file via docker-compose will take precedence over those set in the .env file in the root of your Laravel project.

Was frustrating to figure out lol.

Ibis answered 12/8 at 5:43 Comment(1)
Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.Overplay

© 2022 - 2024 — McMap. All rights reserved.