Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Putting objects in S3 from Java application complains about missing AWS Signature

0

Hello,

I am trying to write to S3 bucket from my Java application. My application is running in EKS. I have provided AWS credentials using system propertiesaws.accessKeyId and aws.secretAccessKey.

When sending put request, I get this error - com.amazonaws.services.s3.model.AmazonS3Exception: Put Object requests with Object Lock parameters require AWS Signature Version 4 (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument

Java SDK should automatically authenticate using the credentials and I should not need to compute the signature. Am I missing anything here?

  • Antonio_Lagrotteria EXPERTO
    hace un año

    Can you share the code to put the object, including client initialization?

  • rePost-User-9122433
    hace un año

    Here is my code for creating the client

        final AwsClientBuilder.EndpointConfiguration endpoint = new AwsClientBuilder.EndpointConfiguration(
            s3Endpoint,
            s3Region
    );

    final AmazonS3 s3client = AmazonS3ClientBuilder
            .standard()
            .withEndpointConfiguration(endpoint)
            .enablePathStyleAccess()
            .withClientConfiguration(new ClientConfiguration().withSignerOverride("AWSS3V4SignerType"))
            .build();

    And then I make a call for writing object into the bucket

            PutObjectRequest request = new PutObjectRequest(s3Bucket, fileName, new ByteArrayInputStream(content_bytes), metadata);
        s3client.putObject(request);
Temas
Almacenamiento
Etiquetas
Amazon Simple Storage Service
Idioma
English
rePost-User-9122433
preguntada hace un año668 visualizaciones
1 Respuesta
0
Respuesta aceptada

The error message indicates that you need to use AWS Signature Version 4 to authenticate your requests to Amazon S3 with Object Lock parameters. This is because Object Lock is a feature that provides WORM (Write Once Read Many) functionality, and as such, requires a higher level of security.

You can enable Signature Version 4 by removing the .withClientConfiguration(new ClientConfiguration().withSignerOverride("AWSS3V4SignerType")) line from your code. The AWS SDK for Java will automatically use Signature Version 4 if it's required for the API you're calling.

Here's an updated version of your code:

final AwsClientBuilder.EndpointConfiguration endpoint = new AwsClientBuilder.EndpointConfiguration(
            s3Endpoint,
            s3Region
    );

final AmazonS3 s3client = AmazonS3ClientBuilder
            .standard()
            .withEndpointConfiguration(endpoint)
            .enablePathStyleAccess()
            .build();

Note that it's recommended to use IAM roles or instance profiles to provide AWS credentials to applications running on EC2 or EKS, rather than using explicit access keys. This approach can help improve security and simplify credential management.

profile pictureAWS
Mina Gobrial
respondido hace un año
  • rePost-User-9122433
    hace un año

    Thanks, I updated my code to use SDK v2 and that solved the problem.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante