Error retrieving credentials from the instance profile metadata server. Laravel S3

Question

Issue

The same code, on almost identical servers, fails locally and on production, however works on our staging server. When we attempt to interact with an item in a bucket, we get an Error retrieving credentials.... - Both servers, staging and production, are deployed by Envoyer and provisioned by Forge to AWS EC2 instances. - Both instances hit the same bucket with the same bucket policy. - .env settings are same for all, minus the server name and debugging

Error on production:

Aws\Exception\CredentialsException
Error retrieving credentials from the instance profile metadata server. (cURL error 28: Connection timed out after 1003 milliseconds (see http://curl.haxx.se/libcurl/c/libcurl-errors.html))

Server settings

Staging

Ubuntu 16.04.2 LTS on AWS
PHP 7.1.3-3
NPM 3.10.10
Node v6.10.1

Production

Ubuntu 16.04.1 LTS on AWS EC2
PHP 7.1.6-1
npm 3.10.10
Node v6.10.1

Composer.json packages

"laravel/framework": "5.4.*",       // 5.4.25
"aws/aws-sdk-php-laravel": "~3.0",  // 3.1.0
"guzzlehttp/guzzle": "~6.0",        // 6.2.3

Code sample

function getPhoto($personID)
{
   $contents   = '';
   $id         = $personID;
   $cloudFront = env('AWS_CLOUDFRONT_PHOTO'); // d212rosgvhtylp.cloudfront.net
   $fileKey    = filePath($id) . '_t.jpg'; // 9ae299a1990e79d62f07c28bb60ecf6f_t.jpg
   $fileURL    = $cloudFront . '/' . filePath($id) . '_t.jpg'; // d212rosgvhtylp.cloudfront.net/9ae299a1990e79d62f07c28bb60ecf6f_t.jpg
   // check if in remote storage then get contents
   $contents = Storage::disk('s3photo')->get($fileKey); /* ****** FAILS HERE ****** */
   // stream bioPhoto
   header('Content-Type: image/jpeg');
  echo $contents;
}

+1 for your well formatted and clear described question. This is a rare thing to see for new users! Keep it up :D — Noel Widmer, Jun 22 '17 at 15:31
Refer this link https://forums.aws.amazon.com/thread.jspa?threadID=193102 — Mohan Shanmugam, Jun 22 '17 at 17:26
Thanks for the help. I saw that article prior posing this and made those adjustments to match that code. The servers are still running the same code base. — Aaron Holdsworth, Jun 22 '17 at 18:46
Possible duplicate of [AWS SDK for PHP: Error retrieving credentials from the instance profile metadata server](https://stackoverflow.com/questions/27400563/aws-sdk-for-php-error-retrieving-credentials-from-the-instance-profile-metadata) — Omar Ali, Aug 18 '17 at 08:06

score 13 · Answer 1 · answered Oct 12 '17 at 20:38

13

After ensuring your .env files contain the correct values for the AWS client, run the following command:

php artisan config:clear

This should clear up your issue if it is caused by initially having incorrect or missing env data, not sure when the cache is updated on it's own but the config cache seems to be pretty persistent.

answered Oct 12 '17 at 20:38

wheelmaker

2,975
2
21
32

after running the config:clear command I was able to interact with AWS via tinker but my commands were still failing with this error until I rebooted the server – wheelmaker Oct 13 '17 at 04:59
1

After much searching, this is what I needed. I was SURE my AWS credentials were correct in my .env and they were but I needed to run the command you posted above. Thanks! – CodeConnoisseur Sep 10 '20 at 17:19

score 5 · Answer 2 · answered Mar 02 '20 at 17:17

5

I encountered this issue after I accedentially had entered the AWS_ACCESS_KEY_ID in the .env file twice.

.env:

AWS_ACCESS_KEY_ID=MYREALID
AWS_SECRET_ACCESS_KEY=myrealkey

...
...a lot of variables..
...

AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=

The AWS sdk therefor tries to search for these credentials elsewhere, at that's have the error occures.

answered Mar 02 '20 at 17:17

thephper

2,342
22
21

1

Oh my god, same! You saved my christmas eve ;) – Mike Brouwer Dec 24 '21 at 17:43

score 1 · Answer 3 · answered Oct 31 '17 at 13:30

I recently had this problem. In my case, it worked locally and not on the EC2 instance. I did not understand too much. In the end I realized that I had set up IAM locally in the default folder ~/.aws/credentials, so in local everything was good. So I poked in the laravel sources and I noticed that laravel was going to take the connection configs in the file services.php config folder.

Edit config/services.php and put in the AWS IAM keys.

'mailgun' => [
    'domain' => env('MAILGUN_DOMAIN'),
    'secret' => env('MAILGUN_SECRET'),
],

'ses' => [
    'key' => env('AWS_KEY'),
    'secret' => env('AWS_SECRET'),
    'region' => env('AWS_REGION'),
],

'sparkpost' => [
    'secret' => env('SPARKPOST_SECRET'),
],

'stripe' => [
    'model' => App\User::class,
    'key' => env('STRIPE_KEY'),
    'secret' => env('STRIPE_SECRET'),
],

So I saw that my .env file did not have the AWS IAM login keys, those called in the config /services.php file.

After a small adjustment everything works great.

score 1 · Answer 4 · answered Jan 05 '19 at 05:42

This issue may occur if you are passing the wrong ENV variables, check your config/filesystems.php:

'key'    => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url'    => env('AWS_URL'),

See: https://github.com/laravel/laravel/blob/master/config/filesystems.php#L60

And make sure the keys are matching in your .env.

Pretty sure they changed the name in the last couple updates.