Last active
July 22, 2019 21:12
-
-
Save jakxnz/71dd5f50e1273a400db07a1df7507cc9 to your computer and use it in GitHub Desktop.
SilverStripe 4 configuring an AWSClient to assume an IAM role
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
namespace Vendor\App\Consumer; | |
/** | |
* A class that implements an AwsClient | |
*/ | |
class AwsClientConsumer | |
{ | |
/** | |
* @var AwsClient | |
*/ | |
protected $awsClient; | |
/** | |
* Cognito constructor. | |
*/ | |
public function __construct($awsClient) | |
{ | |
$this->awsClient = $awsClient; | |
} | |
/** | |
* @return AwsClient | |
*/ | |
public function getClient(): AwsClient | |
{ | |
return $this->awsClient; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
namespace Vendor\App\Factory; | |
use Aws\Credentials\CredentialProvider; | |
use Aws\Sdk; | |
use SilverStripe\Core\Injector\Factory; | |
/** | |
* Class AwsClientFactory | |
* | |
* A silverstripe compatible factory which employs the Aws\Sdk factory to | |
* instantiate clients with some extra treatment | |
* | |
* SilverStripe\Core\Injector\Injector: | |
* S3Client: | |
* factory: Vendor\App\Factory\AwsClientFactory | |
* constructor: | |
* service: s3 # The Sdk manifest namespace | |
* configuration: | |
* region: 'us-west-2' | |
* version: 'latest' | |
* | |
*/ | |
class AwsClientFactory implements Factory | |
{ | |
/** | |
* Creates a new client instance | |
* | |
* @param string $class The class name of the service. | |
* @param array $params The constructor parameters. | |
* @return object The created service instances. | |
*/ | |
public function create($class, array $params = array()) | |
{ | |
if (array_key_exists('memoize', $params) | |
&& array_key_exists('credentials', $params['configuration']) | |
&& ($params['memoize'] !== false && $params['memoize'] !== 'false') | |
) { | |
$params['configuration']['credentials'] = CredentialProvider::memoize($params['configuration']['credentials']); | |
} | |
return (new Sdk())->createClient($params['service'], $params['configuration']); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"require": { | |
"aws/aws-sdk-php": "^3.0", | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SilverStripe\Core\Injector\Injector: | |
StsClient: | |
class: 'Aws\Sts\StsClient' | |
constructor: | |
configuration: | |
region: 'us-west-2' | |
version: 'latest' | |
AssumeRoleCredentialProvider: | |
class: Aws\Credentials\AssumeRoleCredentialProvider | |
constructor: | |
configuration: | |
client: '%$StsClient' | |
assume_role_params: | |
RoleArn: '<replace:with:arn>' | |
RoleSessionName: 'session-name' | |
S3Client: | |
factory: Vendor\App\Factory\AwsClientFactory | |
constructor: | |
service: s3 | |
configuration: | |
region: 'us-west-2' | |
version: 'latest' | |
credentials: '%$AssumeRoleCredentialProvider' | |
memoize: true | |
Vendor\App\Consumer\AwsClientConsumer: | |
constructor: | |
awsClient: '%$S3Client' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
... | |
$consumer = Injector::inst()->get(AwsClientConsumer::class); | |
// Consumer class is instantiated with the AwsClient defined in the injector configuration | |
// (in this example; an S3Client) | |
$buckets = $consumer->getAwsClient()->ListBuckets(); | |
/** | |
* Note: For anyone new to the AWS PHP SDK, all clients follow very similar conventions | |
* so this could be applied to another AWS PHP client with only trivial deviation | |
*/ | |
... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment