SNS not working on Vapor

Hi,

I'm trying to send SMS from my application via AWS SNS on Vapor.

However, I get the following error.

Aws\Sns\Exception\SnsException:
Error executing "Publish" on "https://sns.ap-northeast-1.amazonaws.com"; AWS HTTP error: Client error: `POST https://sns.ap-northeast-1.amazonaws.com` resulted in a `403 Forbidden` response:
<ErrorResponse xmlns="http://sns.amazonaws.com/doc/2010-03-31/">
  <Error>
    <Type>Sender</Type>
    <Code>InvalidClie (truncated...)
 InvalidClientTokenId (client): The security token included in the request is invalid. - <ErrorResponse xmlns="http://sns.amazonaws.com/doc/2010-03-31/">
  <Error>
    <Type>Sender</Type>
    <Code>InvalidClientTokenId</Code>
    <Message>The security token included in the request is invalid.</Message>
  </Error>
  <RequestId>1cfcd634-387c-5c19-bf5b-814ba6f8aa0d</RequestId>
</ErrorResponse>

I don't set AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY because the document says these variables has reserved. https://docs.vapor.build/1.0/projects/environments.html#environment-variables

Please help.

Thank you

ryosukehashimoto

5 years ago

Level 2

replaced variables by replaceAwsEnvironmentVariables so that SnsException occured ;(

config/aws.php

<?php

use Aws\Laravel\AwsServiceProvider;

return [
    /*
    |--------------------------------------------------------------------------
    | AWS SDK Configuration
    |--------------------------------------------------------------------------
    |
    | The configuration options set in this file will be passed directly to the
    | `Aws\Sdk` object, from which all client objects are created. This file
    | is published to the application config directory for modification by the
    | user. The full set of possible options are documented at:
    | http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/configuration.html
    |
    */
    'credentials' => [
        'key' => env('NULL_AWS_ACCESS_KEY_ID', ''),
        'secret' => env('NULL_AWS_SECRET_ACCESS_KEY', ''),
    ],
    'region' => env('AWS_REGION', 'ap-northeast-1'),
    'version' => 'latest',
    'ua_append' => [
        'L5MOD/' . AwsServiceProvider::VERSION,
    ],
];

vapor-cli/src/BuildProcess/HarmonizeConfigurationFiles.php

/**
     * Replace the AWS environment variables with dummy variables so they will not be used.
     *
     * The keys and secrets are automatically injected by Lambda.
     *
     * @param  \SplFileInfo  $file
     * @return string
     */
    protected function replaceAwsEnvironmentVariables($file)
    {
        return str_replace([
            'AWS_ACCESS_KEY_ID',
            'AWS_SECRET_ACCESS_KEY',
            'AWS_SESSION_TOKEN',
        ], [
            'NULL_AWS_ACCESS_KEY_ID',
            'NULL_AWS_SECRET_ACCESS_KEY',
            'NULL_AWS_SESSION_TOKEN',
        ], file_get_contents($file->getRealPath()));
    }

ryosukehashimoto

5 years ago

Level 2

results of dump aws.php

$ vendor/laravel/vapor-cli/vapor tinker --code="dump(config('aws'))"==> Executing Function...

Status Code: 0

Output:

array:4 [
  "region" => "ap-northeast-1"
  "version" => "latest"
  "ua_append" => array:1 [
    0 => "L5MOD/3.5.0"
  ]
  "credentials" => array:2 [
    "key" => ""
    "secret" => ""
  ]
]

ryosukehashimoto

5 years ago

Level 2

Anyone?

ryosukehashimoto

5 years ago

Best Answer

Level 2

Resolved ;)

$client = new SnsClient([
                'region' => config('aws.region'),
   //             'credentials' => config('aws.credentials'),   <-- removed!
                'version' => config('aws.version'),
            ]);

AWS document says

Notice that we did not explicitly provide credentials to the client. https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/getting-started_basic-usage.html

Please or to participate in this conversation.