Hi peeps, is it possible to create a signed GET url for cloudfront link without providing the 'key_pair_id', 'private_key' params?
As suggested in the AWS docs it is considered a bad practice to store the private key / id in .env or in a file locally when hosting a webapp on Amazon EC2.
Currently I get an error "key_pair_id is required" when using the client as follows:
public function getPresignedGetUrl(string $filePath): string {
$client = new CloudFrontClient([
'version' => 'latest',
'region' => env('AWS_DEFAULT_REGION')
]);
$expiry = time()+(15*60); // 15 minutes x 60 seconds for UNIX timestamp format
return $client->getSignedUrl([
'url' => env('CLOUDFRONT_BASE_URL') . '/' . $filePath,
'expires' => $expiry,
]);
}
Thank you for your advice!