I'm using AWS ECS for a Laravel app and trying to setup AWS SES. I'm getting the error
Error retrieving credentials from the instance profile metadata service.
I got this to work locally by having Laravel use my default aws profile. However on ECS I would like to authorize by adding the SES access policy to the Task Role. I have already added the allow SES policy to the task role, but I'm still getting the above error. Am I missing something. Is this not possible?
I've looked at this answer and based on number 3 it should be possible, unless with using Laravel this doesn't work.
Update:
I think this issue has something to do with php-fpm using www-data as the user instead of root (recommended due to security ). I'm wondering if when aws adds credentials to the container on startup using IAM, it only adds it for the root user and not other users.
Update 2:
The above was not the issue. Even when running php-fpm as root, I'm still getting the above error.
Update 3:
We came across one issue in where the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI was not being set in the container. This is due to the CMD of the Docker file being the PID 1 process and the variable is not available to non-PID 1 processes. See here. After fixing that issue, I'm able to call aws ses and send an email from the cli inside the container, but I'm still not able to send an email using the http server (from the website).
