使用环境变量中的凭证 - Amazon适用于 PHP 的开发工具包
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

使用环境变量中的凭证

使用环境变量以包含凭证将防止您意外共享您的Amazon秘密访问密钥。建议您从不将您的Amazon访问密钥直接连接到客户端的任何生产文件。许多开发人员通过其账户已经受损泄露密钥。

为了对 Amazon Web Services 进行身份验证,开发工具包首先检查环境变量中的凭证。开发工具包会使用 getenv() 函数来查找 AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYAWS_SESSION_TOKEN 环境变量。这些凭证称为环境凭证

如果您将应用程序托管在Amazon Elastic Beanstalk,您可以设置AWS_ACCESS_KEY_IDAWS_SECRET_KEY环境变量Amazon Elastic Beanstalk控制台,以便 SDK 可以自动使用这些凭据。

您也可以在命令行中设置环境变量,如下所示。

Linux

$ export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE # The access key for your Amazon account. $ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY # The secret access key for your Amazon account. $ export AWS_SESSION_TOKEN=AQoDYXdzEJr...<remainder of security token> # The session key for your Amazon account. This is needed only when you are using temporary credentials. # The AWS_SECURITY_TOKEN environment variable can also be used, but is only supported for backward compatibility purposes. # AWS_SESSION_TOKEN is supported by multiple Amazon SDKs other than PHP.

Windows

C:\> SET AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE # The access key for your Amazon account. C:\> SET AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY # The secret access key for your Amazon account. C:\> SET AWS_SESSION_TOKEN=AQoDYXdzEJr...<remainder of security token> # The session key for your Amazon account. This is needed only when you are using temporary credentials. # The AWS_SECURITY_TOKEN environment variable can also be used, but is only supported for backward compatibility purposes. # AWS_SESSION_TOKEN is supported by multiple Amazon SDKs besides PHP.