I'm successfully generating presigned GetObject URLs. The generated URL is then pasted onto the browser to download the requested item. So far, I am able to retrieve objects from Virginia and Singapore. But with Ohio, I'm getting the following error. "The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256."
Asked
Active
Viewed 3,980 times
1 Answers
2
Amazon has 2 authentication schemes: AWS Signature Version 4 and AWS Signature Version 2. Amazon has decided to support only the newer, V4 version in regions deployed after January 30th, 2014. So facing this issue is expected in some regions.
However, V4 has some changes which you need to know if you want to sign your requests properly and access S3. You can find more details here.
mok
- 6,612
- 3
- 34
- 59
-
Im using the method "getSignedUrl" to retrieve a signed URL. This means to say that this particular method hasn't been updated by the AWS S3 team to support v4? – ngzhongcai Dec 07 '17 at 05:05
-
@ngzhongcai no, but assuming you're using a current version, then depending on the way you're constructing, invoking, etc., you may inadvertently be triggering it to use legacy behavior. You didn't mention what language you are using, or show any code. Please remember to provide these when posting a question. – Michael - sqlbot Dec 07 '17 at 13:30
-
3To solve my issue, I added region to the credentials and then reinstantiate the s3 object – ngzhongcai Dec 08 '17 at 04:35
-
In order to complete @ngzhongcai comment, when invocating credentials, like this with nodeJs for instance : AWS.config.credentials = new AWS.SharedIniFileCredentials({profile: 'default'}); AWS.config.update({region: 'eu-west-3'}); you will be able to get the right presigned url for your region with automatic integration of AWS4 syntax if needed with this : const params = {Bucket: bucketName, Key: keyName}; const url = new AWS.S3().getSignedUrl('getObject', params); console.log('The URL is', url); – loquace May 16 '20 at 13:14