API calls fail after PHP upgrade

[Mis741]

Describe the bug

Hello Team,

I am running a PHP web application on a Win11+Apache 2.4 machine. After upgrading PHP from 8.3 -> 8.4.4 every API calls fails due to a credential issue. Everything worked fine with PHP 8.3. My credential file is stored in .aws in my user directory.

The exception message is: Could not resolve an authentication scheme: Signature V4 requires AWS credentials for request signing

Please ask for further information if necessary.

Kind regards
Michael

Here is the complete error stacktrace:

Exception: Could not resolve an authentication scheme: Signature V4 requires AWS credentials for request signing

#0 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\Auth\AuthSelectionMiddleware.php(87): Aws\Auth\AuthSchemeResolver->selectAuthScheme()
#1 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\Middleware.php(110): Aws\Auth\AuthSelectionMiddleware->__invoke()
#2 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\PresignUrlMiddleware.php(77): Aws\Middleware::{closure:{closure:Aws\Middleware::validation():93}:94}()
#3 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\IdempotencyTokenMiddleware.php(77): Aws\PresignUrlMiddleware->__invoke()
#4 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\AwsClientTrait.php(64): Aws\IdempotencyTokenMiddleware->__invoke()
#5 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\AwsClientTrait.php(58): Aws\AwsClient->executeAsync()
#6 D:\Apps\Apache24\htdocs\Gimec4P\vendor\aws\aws-sdk-php\src\AwsClientTrait.php(86): Aws\AwsClient->execute()
#7 D:\Apps\Apache24\htdocs\Gimec4P\Service\ServiceFunctions.php(747): Aws\AwsClient->__call()
#8 D:\Apps\Apache24\htdocs\Gimec4P\Controller\ProjectController.php(562): Gimec\Service\ServiceFunctions::stackInstances()
#9 D:\Apps\Apache24\htdocs\Gimec4P\index.php(46): Gimec\Controller\ProjectController->showProjectAction()
#10 {main}

Regression Issue

• Select this option if this issue appears to be a regression.

Expected Behavior

API call to be executed

Current Behavior

Every API call fails

Reproduction Steps

Client intializing works fine:

$ec2Client = new Ec2Client(
[
'version' => 'latest',
'region' =>'eu-central-1',
'profile' => 'my-profile',
]);

But executing the API call fails:

$result = $ec2Client->describeInstances();

Possible Solution

No response

Additional Information/Context

No response

SDK version used

AWS/SDK PHP 3.342.4

Environment details (Version of PHP (php -v)? OS name and version, etc.)

PHP 8.4.4

[yenfryherrerafeliz]

Hi @Mis741, I just did a little of investigation on this issue and the only explanation for this error is that the SDK client is not able to load credentials from any source, and the why for this it is unrelated to the SDK. In my case, even after upgrading to PHP 8.4 I have not issues while having my credentials in a shared aws file. So, you can try different things to understand what the issue may be, but my first suggestion would be to check if the PHP 8.4 installation is under another user ownership, because this could make the php executable to not have the permissions to read/load the resources from the .aws folder. Even if is not under another user ownership you may want to check its permissions. For this you could create a test php file that tries to read any file from that folder using the php 8.4 executable and from the same context you are normally running your application. But, please make sure you do not expose any sensitive information read from the credentials file.

I look forward to know how your investigation went.

Thanks!

[JBtje]

PHP 8.3.12, same problem using the latest version: 3.342.6

I downgraded to 3.339.17 and the error is gone and all is working as expected.

My assumption is that 'version' => 'latest', is the cause of the problem, and that latest has changed to a new version(?) that requires more or so?

[stobrien89]

Hi @JBtje,

I don't think it's related to the api version, but it's still difficult to say. The best way for us to determine the cause is to get debug log output. Could you provide us the output of a failed call after adding 'debug' => true to your service client? Please redact any sensitive information, such as account numbers.