AWS V4 signing does not work
Bug #1439761 reported by
Martin Packman
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
juju-core |
Fix Released
|
Critical
|
Katherine Cox-Buday | ||
1.23 |
Fix Released
|
Critical
|
Katherine Cox-Buday |
Bug Description
Bootstrapping juju in Amazon's cn-north-1 region fails currently as the V4 AWS API signing fails with:
2015-04-02 13:20:57 DEBUG juju.provider.ec2 provider.go:129 ec2 request failed: The request must contain the parameter AWSAccessKeyId (MissingParameter)
This was added to juju and goamz as part of bug 1319475, but fails as currently no signing is actually happening, due to a missing date header and the error from the Signer being swallowed in goamz ec2/ec2.go EC2.query.
Changed in juju-core: | |
milestone: | none → 1.24-alpha1 |
Changed in juju-core: | |
assignee: | nobody → Katherine Cox-Buday (cox-katherine-e) |
Changed in juju-core: | |
status: | Triaged → In Progress |
Changed in juju-core: | |
status: | In Progress → Fix Committed |
Changed in juju-core: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Some information from troubleshooting Martin and I have done:
After properly handling the error and providing the needed x-amz-date header for v4 signing, AWS returns an "AuthFailure" error [1]. This is not typically a signing error. When signing errors occur, AWS usually explicitly states that the hash provided doesn't match the hash they've calculated. We're investigating potential causes of this issue, and I'm working on reproducing with separate credentials.
[1] - http:// docs.aws. amazon. com/AWSEC2/ latest/ APIReference/ errors- overview. html