Kuldeep Jain
Reputation: 8598
S3Exception with AWS SDK for Java version 2 - The request signature we calculated does not match the signature you provided
I am trying to get list of object in an S3 bucket using AWS SDK for Java version 2.
Getting following exception:
software.amazon.awssdk.services.s3.model.S3Exception:
The request signature we calculated does not match the signature you provided.
Check your key and signing method. (Service: S3, Status Code: 403, Request ID: DCE23DE2BC35653C)
My code snippet:
import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.s3.S3Client;
....
private software.amazon.awssdk.services.s3.S3Client getS3Client(Region region) {
//Getting values from properties file -- AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN
AwsSessionCredentials awsCreds =
AwsSessionCredentials.create(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN);
S3Client s3 =
S3Client.builder()
.region(region)
.credentialsProvider(StaticCredentialsProvider.create(awsCreds))
.build();
return s3;
}
public void listObjects(Region region, String bucketName) {
S3Client s3 = getS3Client(region);
ListObjectsRequest listObjects = ListObjectsRequest
.builder()
.bucket(bucketName)
.build();
ListObjectsResponse res = s3.listObjects(listObjects); // This throws S3Exception
List<S3Object> objects = res.contents();
....
//Iterate over 'objects' and do something
}
pom.xml entries:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>bom</artifactId>
<version>2.7.5</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
...
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>s3</artifactId>
</dependency>
Stacktrace:
software.amazon.awssdk.services.s3.model.S3Exception: The request signature we calculated does not match the signature you provided. Check your key and signing method. (Service: S3, Status Code: 403, Request ID: DCE23DE2BC35653C)
software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.handleErrorResponse(HandleResponseStage.java:115)
software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.handleResponse(HandleResponseStage.java:73)
software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:58)
software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:41)
software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:64)
software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:36)
software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:77)
software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:39)
software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage$RetryExecutor.doExecute(RetryableStage.java:113)
software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage$RetryExecutor.execute(RetryableStage.java:86)
software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:62)
software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:42)
software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:57)
software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:37)
software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.executeWithTimer(ApiCallTimeoutTrackingStage.java:80)
software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:60)
software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:42)
software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:37)
software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:26)
software.amazon.awssdk.core.internal.http.AmazonSyncHttpClient$RequestExecutionBuilderImpl.execute(AmazonSyncHttpClient.java:240)
software.amazon.awssdk.core.client.handler.BaseSyncClientHandler.invoke(BaseSyncClientHandler.java:96)
software.amazon.awssdk.core.client.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:120)
software.amazon.awssdk.core.client.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:73)
software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:44)
software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:55)
software.amazon.awssdk.services.s3.DefaultS3Client.listObjects(DefaultS3Client.java:2278)
com.mycompany.test.MyS3Driver.listObjects(MyS3Driver.java:44)
I have verified my AWS Credentials and my account has PowerUser access. I Looked at following links but it didn't help as I am using 'AwsSessionCredentials' class
- https://stackoverflow.com/a/30519762/948268 -- Mentions about key starting with a period.
- https://github.com/aws/aws-sdk-js/issues/86 -- Talks about Ensuring proper encoding of URI query string parameter-values. but in my case I am using AwsSessionCredentials class.
Also posted the issue on: https://github.com/aws/aws-sdk-java-v2/issues/1767
Upvotes: 2
Views: 1822
Answers (1)
Kuldeep Jain
Reputation: 8598
My bad, the issue was with the bucket name that was passed. It included the folder name in addition to bucket name. It was <BUCKET_NAME>/<FOLDER_NAME> that caused the issue. After passing just the <BUCKET_NAME> it worked fine.
Upvotes: 2
Related Questions
- Amazon S3 Signature Does Not Match - AWS SDK Java
- Error in using aws-java-sdk-s3
- Amazon S3 Error: The request signature we calculated does not match the signature you provided. Check your key and signing method
- Problems in accessing S3 via AWS Java SDK
- AWS java SDK manually set signature version
- V4 Signing for aws S3 using aws java sdk
- SignatureDoesNotMatch in AWS Java SDK for S3
- SignatureDoesNotMatch when uploading to AWS S3
- SSLHandshakeException while using AWS SDK for Java API
- How to troubleshooting Amazon S3 GET request signature mismatch?