anomalizer / ngx_aws_auth

nginx module to proxy to authenticated AWS services
BSD 2-Clause "Simplified" License
470 stars 144 forks source link

Scope or Signature not working #85

Open HenriqueOtsuka opened 1 year ago

HenriqueOtsuka commented 1 year ago

Hey guys,

I've generated the scope and the signature using the python script and hardcoded into my NGINX to test, but AWS response says that the signature expected doesn't match The request signature we calculated does not match the signature you provided. Check your key and signing method

I'm stucked into this somedays and I really don't know what more I can do.

I'm using ./script -k my-aws-secret-key -r my-aws-region -s my-aws-service, it returns the right scope and the signature and the I'm copying and pasting into nginx to use it.

location /test {
aws_access_key AKIAEXAMPLETEST;
        aws_s3_bucket my-test-bucket;
        aws_key_scope 20230630/us-east-1/s3/aws4_request;
        aws_signing_key SOMERANDOMVALUE=;
        aws_sign;

        proxy_pass http://my-test-bucket/my-test-file.mp4
}

Any ideas?

thindrs commented 1 year ago

Do you have debug nginx logs to share for the entire request, and response?

HenriqueOtsuka commented 1 year ago

Hmmm, no I don't have any other logs.

This error is the only thing I have.

gauravko commented 1 year ago

Is your proxy pass url of the format bucket-name.aws-region.s3.amazonaws.com ? I had the same problem and just reduced it to bucket-name.s3.amazonaws.com to solve it.