I am running into an error attempting to authenticate and create a new Route53 Record Set using the Amazon's PHP SDK and changeresourceRecordSets. Here's what I have attempted so far:
- Installed the AWS SDK for Laravel
- Used Amazon's IAM to create a new user and group and applied the FullAdministrator policy to the group.
- Stored the new user credentials and other AWS variables in my .env file like so:
Code below:
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=XXYYZZ
AWS_SECRET_ACCESS_KEY=112233
AWS_ZONE_ID=UHUHUHUH
- Confirmed that my Laravel environment is configured correctly and my controller works by testing the following:
Code below:
$s3 = AWS::createClient('s3');
$s3->putObject(array(
'Bucket' => 'mydomain.com',
'Key' => 'new.pdf',
'SourceFile' => storage_path('app/old.pdf'),
));
- Once I confirmed that my credentials worked against S3, I closely followed this SO answer and code to create a new Route53 client and create a new Record Set in my Route53 Hosted Zone. Here's my slightly modified code:
Code below:
$client = AWS::createClient('Route53');
//dd($client); $client object returned, this works
$result = $client->changeResourceRecordSets(array(
'HostedZoneId' => env('AWS_ZONE_ID'),
'ChangeBatch' => array(
'Comment' => 'just testing',
'Changes' => array(
array(
'Action' => 'CREATE',
'ResourceRecordSet' => array(
'Name' => 'test.mydomain.com.',
'Type' => 'A',
'TTL' => 600,
'ResourceRecords' => array(
array(
'Value' => '52.52.52.52',//my AWS IP address
),
),
),
),
),
),
));
- The resulting error is as follows:
Client error:
POST https://route53.amazonaws.com/2013-04-01/hostedzone/MYZONE/rrset/resulted in a403 Forbiddenresponse: Sender
And more from the error...
SignatureDoesNotMatch (client): Signature expired: 20160225T215502Z is now earlier than 20160225T220842Z (20160225T221342Z - 5 min.)
Any suggestions are appreciated.
