Developer Guide

Amazon S3 Pre-Signed POSTs with AWS SDK for PHP version 3

Much like pre-signed URLs, pre-signed POSTs enable you to give write access to a user without giving them AWS credentials. Pre-signed POST forms can be created with the help of an instance of AwsS3PostObjectV4.

To create an instance of PostObjectV4, you must provide the following:

  • instance of Aws\S3\S3Client

  • bucket

  • associative array of form input fields

  • array of policy conditions (see Policy Construction in the Amazon S3 Developer Guide)

  • expiration time string for the policy (optional, one hour by default).

$client = new \Aws\S3\S3Client([ 'version' => 'latest', 'region' => 'us-west-2', ]); $bucket = 'mybucket'; // Set some defaults for form input fields $formInputs = ['acl' => 'public-read']; // Construct an array of conditions for policy $options = [ ['acl' => 'public-read'], ['bucket' => $bucket], ['starts-with', '$key', 'user/eric/'], ]; // Optional: configure expiration time string $expires = '+2 hours'; $postObject = new \Aws\S3\PostObjectV4( $client, $bucket, $formInputs, $options, $expires ); // Get attributes to set on an HTML form, e.g., action, method, enctype $formAttributes = $postObject->getFormAttributes(); // Get form input fields. This will include anything set as a form input in // the constructor, the provided JSON policy, your AWS access key ID, and an // auth signature. $formInputs = $postObject->getFormInputs();