0
votes

I have a public S3 bucket called latheesan-public-bucket (for example) in AWS in the eu-west-1 region.

If I were to visit the following url in the browser (for example):

https://latheesan-public-bucket.s3-eu-west-1.amazonaws.com/

I get the following XML showing that I have one file in the bucket:

<?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <Name>latheesan-public-bucket</Name>
    <Prefix />
    <Marker />
    <MaxKeys>1000</MaxKeys>
    <IsTruncated>false</IsTruncated>
    <Contents>
        <Key>test.json</Key>
        <LastModified>2017-07-11T16:39:50.000Z</LastModified>
        <ETag>"056f32ee5cf49404607e368bd8d3f2af"</ETag>
        <Size>17658</Size>
        <StorageClass>STANDARD</StorageClass>
    </Contents>
</ListBucketResult>

If I were to then visit https://latheesan-public-bucket.s3-eu-west-1.amazonaws.com/test.json I can download my file from my public bucket.

In order to achieve the same in my Laravel application; I first added this package via composer:

league/flysystem-aws-s3-v3

Then on my .env I've added the following lines:

AWS_REGION=eu-west-1
AWS_BUCKET=latheesan-public-bucket

Lastly, I then tried to use the laravel filesystem to access the public s3 bucket file like this:

$json = Storage::disk('s3')->get('test.json');

When I did this; I got the following error:

Error retrieving credentials from the instance profile metadata server. (cURL error 28: Connection timed out after 1000 milliseconds (see http://curl.haxx.se/libcurl/c/libcurl-errors.html))

So, I updated my .env with some fake credentials:

AWS_KEY=123
AWS_SECRET=123
AWS_REGION=eu-west-1
AWS_BUCKET=latheesan-public-bucket

Now I get this error:

Illuminate \ Contracts \ Filesystem \ FileNotFoundException
test.json

So my question is; firstly what am I doing wrong here? Is there no way to access a public s3 bucket in laravel without actually providing a valid S3 Key/secret? what if I don't know them? I only have the url to the public s3 bucket.

P.S. the latheesan-public-bucket does not exist (it was a dummy bucket name to explain my problem, I do have a real public bucket I am trying to work with and it works fine in browser as explained above).

2

2 Answers

2
votes

When you try to access it via the HTTPS URL, it works because it is public, and you're

When you try to access it via the SDK, it is trying to use the API to access it.

So either give your instance profile the correct permissions to access the bucket (which would no longer need to be public) or simply use an http client to retrieve the file.

1
votes

If you use the S3 API to access your bucket, AWS credentials are required. The reasons is that the API needs to sign the S3 request.