Amazon S3 pre-signed POSTs with AWS SDK for PHP Version 3
Much like pre-signed URLs, pre-signed POSTs enable you to give write access to a user without giving them AWS credentials. Pre-signed POST forms can be created with the help of an instance of AwsS3PostObjectV4.
The following examples show how to:
-
Get data for an S3 Object POST upload form using PostObjectV4.
All the example code for the AWS SDK for PHP is available here on
GitHub
Credentials
Note
PostObjectV4
does not work with credentials sourced from
AWS IAM Identity Center.
Before running the example code, configure your AWS credentials, as described in Credentials. Then import the AWS SDK for PHP, as described in Basic usage.
Create PostObjectV4
To create an instance of PostObjectV4
, you must provide the following:
-
instance of
Aws\S3\S3Client
-
bucket
-
associative array of form input fields
-
array of policy conditions (see Policy Construction in the Amazon Simple Storage Service User Guide)
-
expiration time string for the policy (optional, one hour by default).
Imports
require '../vendor/autoload.php'; use Aws\S3\PostObjectV4; use Aws\S3\S3Client;
Sample Code
require '../vendor/autoload.php'; use Aws\S3\PostObjectV4; use Aws\S3\S3Client; $client = new S3Client([ 'profile' => 'default', 'region' => 'us-east-1', ]); $bucket = 'amzn-s3-demo-bucket10'; $starts_with = 'user/eric/'; $client->listBuckets(); // Set defaults for form input fields. $formInputs = ['acl' => 'public-read']; // Construct an array of conditions for policy. $options = [ ['acl' => 'public-read'], ['bucket' => $bucket], ['starts-with', '$key', $starts_with], ]; // Set an expiration time (optional). $expires = '+2 hours'; $postObject = new PostObjectV4( $client, $bucket, $formInputs, $options, $expires ); // Get attributes for the HTML form, for example, action, method, enctype. $formAttributes = $postObject->getFormAttributes(); // Get attributes for the HTML form values. $formInputs = $postObject->getFormInputs(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>PHP</title> </head> <body> <form action="<?php echo $formAttributes['action'] ?>" method="<?php echo $formAttributes['method'] ?>" enctype="<?php echo $formAttributes['enctype'] ?>"> <label id="key"> <input hidden type="text" name="key" value="<?php echo $starts_with ?><?php echo $formInputs['key'] ?>"/> </label> <h3>$formInputs:</h3> acl: <label id="acl"> <input readonly type="text" name="acl" value="<?php echo $formInputs['acl'] ?>"/> </label><br/> X-Amz-Credential: <label id="credential"> <input readonly type="text" name="X-Amz-Credential" value="<?php echo $formInputs['X-Amz-Credential'] ?>"/> </label><br/> X-Amz-Algorithm: <label id="algorithm"> <input readonly type="text" name="X-Amz-Algorithm" value="<?php echo $formInputs['X-Amz-Algorithm'] ?>"/> </label><br/> X-Amz-Date: <label id="date"> <input readonly type="text" name="X-Amz-Date" value="<?php echo $formInputs['X-Amz-Date'] ?>"/> </label><br/><br/><br/> Policy: <label id="policy"> <input readonly type="text" name="Policy" value="<?php echo $formInputs['Policy'] ?>"/> </label><br/> X-Amz-Signature: <label id="signature"> <input readonly type="text" name="X-Amz-Signature" value="<?php echo $formInputs['X-Amz-Signature'] ?>"/> </label><br/><br/> <h3>Choose file:</h3> <input type="file" name="file"/> <br/><br/> <h3>Upload file:</h3> <input type="submit" name="submit" value="Upload to Amazon S3"/> </form> </body> </html>