healthengine/laravel-easy-aws

Cache dynamic AWS credentials

v3.0.1 2024-08-29 06:56 UTC

This package is auto-updated.

Last update: 2024-11-15 00:19:32 UTC


README

Latest Stable Version Total Downloads

This is an extension to the Laravel AWS SDK that provides cacheable dynamic credentials - such as those provided by the EC2 Metadata API. This is necessary if you want to php artisan config:cache whilst also not using hard coded credentials - since Laravel is unable to cache the Guzzle promise that resolves to credentials when used.

It also binds certain AWS client objects to the Laravel container so you can typehint the specific clients you need, instead of using the AWS facade. Clients are added as needed and we welcome PRs so if you need one that is missing, please contribute.

Installation

composer require healthengine/laravel-easy-aws

Usage

There's not much to it. You can now typehint the S3Client directly and it will be resolved instead of having to use the facade to construct the S3 client:

// before
$s3 = AWS::createClient('s3');

// after
$s3 = app(Aws\S3\S3Client::class);

Credentials are resolved automatically using the default provider chain from the AWS SDK. The only difference is that they will be cached. This really only helps if that credentials chain ended up resolving credentials from the EC2 Metadata API, otherwise it would have been using hardcoded credentials of some kind and caching them doesn't help much.

You can configure which cache store to use by setting the environment variable EASYAWS_CACHE_STORE to any built in Laravel cache drivers.

Note

Caching credentials can be insecure. Be careful if you are going to use an external cache driver like Redis or database as the credentials are stored in plaintext.

SQS Client

The queue configuration for AWS SQS has also been modified to use these cached credentials. This means you don't need to add a key or secret for that client - if using SQS as your queue driver. Also please note that the prefix configuration key is not used because it is redundant, you'll need to prepend the value of prefix to queue.

License

Laravel Easy AWS is licensed under the MIT license.