Clever Geek Handbook

How can I use Storage :: disk ('s3') & # 8594; put () when my s3 x-amz-server-side-encryption is AES256 in Laravel 5.1?

RT.

This is my s3 filesystem config:

's3' => [
        'driver' => 's3',
        'key'    => env('AWS_ACCESS_KEY_ID'),
        'secret' => env('AWS_SECRET_ACCESS_KEY'),
        'region' => env('AWS_REGION'),
        'bucket' => env('AWS_BUCKET'),
    ],

And this is my composer .json:

"require": {
        "laravel/framework": "5.1.*",
        "barryvdh/laravel-ide-helper": "~2.0",
        "predis/predis": "~1.0",
        "guzzlehttp/guzzle": "~5.0",
        "league/flysystem-aws-s3-v3": "~1.0",
        "raven/raven": "0.12.*"
    },

And this is my s3 bucket policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DenyUnEncryptedObjectUploads",
            "Effect": "Deny",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::*****bucket_name*****/*",
            "Condition": {
                "StringNotEquals": {
                    "s3:x-amz-server-side-encryption": "AES256"
                }
            }
        }
    ]
}

Yes, I used "s3:x-amz-server-side-encryption": "AES256"

PutObject as my condition, but I want to use this code:

Storage::disk('s3')->put('test.log','123');

But when I run it I get a response like this:

[Aws\S3\Exception\S3Exception]                                                                                                                                    
Error executing "HeadObject" on "https://s3-ap-northeast-1.amazonaws.com/****bucket_name****/test.log"; AWS HTTP error: Client error response [url]https://s3-ap-northeast-1.amazonaws.com/****bucket_name****/test.log [status code] 403 [reason phrase] Forbidden  (client): 403 Forbidden (Request-ID: 39C30C8512E5ED16) -

[GuzzleHttp\Exception\ClientException]                                                                                                                     
Client error response [url] https://s3-ap-northeast-1.amazonaws.com/****bucket_name****/test.log [status code] 403 [reason phrase] Forbidden

So how can I do this? Thank!

+3


source to share


2 answers


(Laravel 5.3) If your bucket policy requires server side encryption for all objects, rather than accessing the S3 driver and passing arguments, I was able to universally enable S3 SSE by setting it as an option in the config:

config / filesystems.php

...

's3' => [
                'driver' => 's3',
                'key'    => env('AWS_ACCESS_KEY_ID'),
                'secret' => env('AWS_SECRET_ACCESS_KEY'),
                'region' => env('AWS_REGION'),
                'bucket' => env('AWS_S3_BUCKET'),
                'options' => [
                    'ServerSideEncryption' => 'AES256',
                ]
            ],

...


With the ServerSideEncryption set in the configuration, I can directly invoke method calls on "disk".

$s3 = Storage::disk('s3');
$s3->putFileAs($prefix, new File($path), $filename);
+4


source


If you get an S3 driver, you can supply arguments:



Storage::disk('s3')->getDriver()->put('filename', 'randomdata', ['ServerSideEncryption' => 'AES256']);
+1


source






More articles:


All Articles