What values need to go in aws_key_scope?
siulcode opened this issue · 4 comments
siulcode commented
I'm trying to figure out what value needs to go in:
aws_key_scope scope_of_generated_signing_key;
is it only the region name?
I'm getting the following "Malformed entry" error. Any help on this would be GREATLY appreciated.
ERROR:
<Error>
<Code>AuthorizationHeaderMalformed</Code>
<Message>
The authorization header is malformed; the Credential is mal-formed; expecting "<YOUR-AKID>/YYYYMMDD/REGION/SERVICE/aws4_request".
</Message>
<RequestId>59D3A159DA4C78A6</RequestId>
<HostId>
/+Ern48H+67YCS+dSvGkXUtxnUUndZNAojMAnfUdgpVI0zaodKOvNe/Aut93+bltXetXPVXKzDU=
</HostId>
</Error>
NGINX CONF:
location /saspub/ {
aws_sign;
proxy_pass http://MYBUCKET.s3.amazonaws.com/$1;
aws_access_key MYACCESSKEY;
#aws_key_scope scope_of_generated_signing_key;
aws_signing_key MYGENERATED_KEY_WITH_SCRIPT;
resolver MYDNSIP;
resolver_timeout 10s;
}
chikamichi commented
I've not used this nginx plugin yet, but considering to. AFAIK, the V4 scope is of the following shape:
date/region/service/aws4_request
For instance:
20160827/eu-west-1/s3/aws4_request
Source: official changelog
anomalizer commented
@chikamichi is right
siulcode commented
I got it to work.
@anomalizer is continuous development still going on with this module for http post?
Thanks guys.
LL
anomalizer commented
@siulcode I am not currently working on HTTP POST. It is fairly complex given that the post body will have to be uploaded in chunks.