What values need to go in aws_key_scope?

Question

What values need to go in aws_key_scope?

siulcode opened this issue 8 years ago · 4 comments

I'm trying to figure out what value needs to go in:
aws_key_scope scope_of_generated_signing_key;

is it only the region name?

I'm getting the following "Malformed entry" error. Any help on this would be GREATLY appreciated.

ERROR:

<Error>
<Code>AuthorizationHeaderMalformed</Code>
<Message>
The authorization header is malformed; the Credential is mal-formed; expecting "<YOUR-AKID>/YYYYMMDD/REGION/SERVICE/aws4_request".
</Message>
<RequestId>59D3A159DA4C78A6</RequestId>
<HostId>
/+Ern48H+67YCS+dSvGkXUtxnUUndZNAojMAnfUdgpVI0zaodKOvNe/Aut93+bltXetXPVXKzDU=
</HostId>
</Error>

NGINX CONF:

    location /saspub/ {
    aws_sign;
        proxy_pass http://MYBUCKET.s3.amazonaws.com/$1;

        aws_access_key MYACCESSKEY;
        #aws_key_scope scope_of_generated_signing_key;
        aws_signing_key MYGENERATED_KEY_WITH_SCRIPT;

    resolver        MYDNSIP;
    resolver_timeout    10s;
    }

Answer 1 · 2016-08-27T12:59:21.000Z

I've not used this nginx plugin yet, but considering to. AFAIK, the V4 scope is of the following shape:

date/region/service/aws4_request

For instance:

20160827/eu-west-1/s3/aws4_request

Source: official changelog

Answer 2 · 2016-09-02T13:44:21.000Z

@chikamichi is right

Answer 3 · 2016-09-08T19:16:31.000Z

I got it to work.

@anomalizer is continuous development still going on with this module for http post?

Thanks guys.
LL

Answer 4 · 2016-09-30T04:25:12.000Z

@siulcode I am not currently working on HTTP POST. It is fairly complex given that the post body will have to be uploaded in chunks.