I am facing issues with AWS4 signer. I raised the ticket but no help yet. The signature looks like not generating properly.
I am getting below error :
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.\n\nThe Canonical String for this request should have been\n'GET\n/namespaces/edhtest/types/books/data\n\nhost:api-dev.edh.starwave.com\nx-amz-date:20200205T205621Z\n\nhost;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'\n\nThe String-to-Sign should have been\n'AWS4-HMAC-SHA256\n20200205T205621Z\n20200205/us-west-2/execute-api/aws4_request\n7fdbbdc095a300d14a29b9a007bf5a30800e5c75a533d1b1886f26e5000ee5cc'\n"}"
When I took the values from Postman and tested it works fine. Issue is with generating AWS4 signer values from API Gateway.
Attached my aws4 signer. Any help would be appreciated.
Original Message:
Sent: 12-10-2019 08:35 AM
From: Chris Unsted
Subject: AWS S3 Working Example
Charlie,
Thanks for the response and your time. Your screen shots confirmed I wasn't going mad.
Turns out the secret magic I was missing was "s3" needed to be lower case - I was using upper. As ever, it's easy when you know how!
Kind regards,
Chris
Original Message:
Sent: 12-06-2019 01:22 PM
From: Charles LILIENKAMP
Subject: AWS S3 Working Example
I saw the case. I dont have a copy of your policy. I do have an old policy that did work with a similar configuration.
aws s4 signer AND Route via https.
Will post the screenshots of s4 signer and route if it helps.
Original Message:
Sent: 12-06-2019 03:01 AM
From: Chris Unsted
Subject: AWS S3 Working Example
Hi Charles,
Thanks for the reply. I do have a case open and the details of my settings are on there. ID : 20117737. Trying posting on here because the clock is ticking.
Looks like the old tactical assertion was significantly different to the later editions. In many ways it looks easier to use, but I guess more limited in usefulness.
I know I'm very close to it working but am missing something, probably obvious.
Kind Regards,
Chris
Original Message:
Sent: 12-05-2019 03:13 PM
From: Charles LILIENKAMP
Subject: AWS S3 Working Example
Chris,
I dont have 1 at the moment. I have done it in the past. You can open a case with support if you like. It would be nice to get further details but I realize it may be difficult to provide.
Though I dont have my 9.4 gateway at the moment with the aws soloution kit. I do have the 9.2 version (where it was a tactical assertion).
This is what the working s3 looked like there.
The base policy I Used pulled a file via ssh2 assertion then put it up in aws in my s3 bucket.
Original Message:
Sent: 12-05-2019 11:41 AM
From: Chris Unsted
Subject: AWS S3 Working Example
Hi All,
I'm struggling to get a working policy to write to an AWS S3 bucket from CA API GW 9.4 using the AWS solution kit.
I've seen the online docs. (AWS Assertion). But I can't it to run without error. Can anyone supply a working example (or screenshots of) of a policy that writes to an S3 bucket.
The error I'm returned from AWS is "SignatureDoesNotMatch" and I know this is something to do with the signing of the headers but I can't work out what's not lined up.
Any help appreciated.
Thanks in advance.
Chris