Welcome! Log In Create A New Profile

Advanced

Access to AWS S3

Posted by sergio.rozenszajn@sap.com 
Forum List Message List New Topic
sergio.rozenszajn@sap.com
Access to AWS S3
September 05, 2017 10:51AM
Hi,

I'm trying to access AWS S3 object store from NGINX. For that I'm using aws_access_key, aws_key_scope and aws_endpoint directives.
AWS S3 V4.0 requires generation of a signing key to access it. Signing building is described in http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html

When calling NGINX I get:
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
<AWSAccessKeyId>AKIAIDFAAXDZLSTALIUA</AWSAccessKeyId>
<StringToSign>AWS4-HMAC-SHA256
20170905T142136Z
20170905/eu-central-1/s3/aws4_request
12ae1791c6031cd57b85f468111089e01acd83bd81380861d105f469712c5f64</StringToSign>
<SignatureProvided>d9241ee35763220b68f890489a931317ba9ea7087e5170bb8898d138f8a87601</SignatureProvided>
<StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 37 30 39 30 35 54 31 34 32 31 33 36 5a 0a 32 30 31 37 30 39 30 35 2f 65 75 2d 63 65 6e 74 72 61 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 31 32 61 65 31 37 39 31 63 36 30 33 31 63 64 35 37 62 38 35 66 34 36 38 31 31 31 30 38 39 65 30 31 61 63 64 38 33 62 64 38 31 33 38 30 38 36 31 64 31 30 35 66 34 36 39 37 31 32 63 35 66 36 34</StringToSignBytes>
<CanonicalRequest>GET
/737f87dc-3fc1-47d1-aafc-2cfbb71d9e6a/rulesUI/1.0/xs-app.json

host:hcp-7973a98f-67bc-49d7-b909-8cb5acd52dcc.s3-eu-central-1.amazonaws.com
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20170905T142136Z

host;x-amz-content-sha256;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest>
<CanonicalRequestBytes>47 45 54 0a 2f 37 33 37 66 38 37 64 63 2d 33 66 63 31 2d 34 37 64 31 2d 61 61 66 63 2d 32 63 66 62 62 37 31 64 39 65 36 61 2f 72 75 6c 65 73 55 49 2f 31 2e 30 2f 78 73 2d 61 70 70 2e 6a 73 6f 6e 0a 0a 68 6f 73 74 3a 68 63 70 2d 37 39 37 33 61 39 38 66 2d 36 37 62 63 2d 34 39 64 37 2d 62 39 30 39 2d 38 63 62 35 61 63 64 35 32 64 63 63 2e 73 33 2d 65 75 2d 63 65 6e 74 72 61 6c 2d 31 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 37 30 39 30 35 54 31 34 32 31 33 36 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes>
<RequestId>699D8417F44C5317</RequestId>
<HostId>LIP0/69lWZub7NXoBiwu7ms0aigWuz8oVy0om9P2rbgNsC3Y+NITYZre4KMgWhY20iWvobiKQ9I=</HostId>
</Error>

See attached nginx.conf file.
Can you assist with this configuration?

Thanks, Sergio
Reply Quote
Attachments:
open | download - nginx.conf (2.8 KB)
fmarch
Re: Access to AWS S3
February 25, 2019 02:30PM
Did you ever get an answer to this. I have the same issue.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 287
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready