- Newest
- Most votes
- Most comments
A change was made in Core 3.7.107.0
A side-effect of this change was that before, it was possible to include a path as part of "BucketName", and get a success, but this no longer works. It was never intended for "BucketName" to support inputs other than the Bucket itself. It's not possible to tell from your example above if you might be encountering this, but I'd suggest investigating as that's the primary change for Core 3.7.107.0.
The error you received for GetObjectAttributes, "The request signature we calculated does not match the signature you provided. Check your key and signing method." indicates that the authorization header is malformed.
GetObjectMetadata might be the same root cause, but with a less specific error message. GetObjectMetadata calls the S3 API HeadObject, whereas GetObjectAttributes calls the S3 API GetObjectAttributes. The key difference here, is that HeadObject does not have a response body, so detailed error messages are not part of the response, only HTTP header codes like 403.
There are multiple possible causes of invalid request signature, but the one that would apply to the above would be if the Canonical URI did not match what was in the request or the URI encoding was different.
Since I'm not sure that's the cause of your error, I'll mention another common cause is signing a request for one AWS region, but sending the request to another AWS region. Usually this can be resolved by explicitly stating the region for a bucket.
For reference see the AWS SigV4 signing method, and see it includes the target region in the "Scope" signed into the signature, as well as the previously mentioned CanonicalURI and specific URIEncode() specification.
Hi, Giovanni. I created a console app on a dev machine and was able to get the code to work without a problem.
- I tried it with the following versions: AWSSDK.Core v3.7.107 and AWSSDK.S3 v3.7.104.26.
- I also tried it with the current versions and they were also fine.
I did notice that you are missing a comma in your list of permissions. Is that just a copy/paste error, or is it possible that your policy is actually missing the comma?
(I can share the code and policy that I used if you think it would be helpful. (Properly scrubbed, of course.))
no, it was just a copy/paste error, thanks for your response.
Relevant content
- Accepted Answerasked 10 months ago
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
Actually I used an additional path in the bucket name, but I tried to move it on the key and the errors was still the same. Wheree didi I need to specify the path then? Thank you for your answer!
Never mind. Pushed by your answer I tried to specify path in key parameter in every way I know and find out that the correct way is: folder1/folder2/.../filename (originally tried with /folder1/folder2/.../filename and then ~/folder1/folder2/..../filename Thank you very much for your answer!