-
-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
InvalidSignatureException: The request signature we calculated does not match the signature you provided. ... #33
Comments
Hi @AndreMammes, I don't know of anything obvious. You may want to try running it in your local environment to see if it's an issue with the Docker setup (which I'm not yet fully across). |
Hi @iann0036 , Thanks for the suggestion. I just configured a fresh Fedora 34 VM, installed go 1.16.3, terraform 0.15.3 and aws cli 2.2.3. I did an Then, in one terminal window, I prepared my environment:
In the other started the proxy: But, using the same dynamoDB configuration file as before, got the same error when calling
AWS CLI calls to create the table, with the exact same definition as the terraform code, work.
There must be a weird terraform behavior when interacting with dynamoDB resources, that is different from the others. Could it be related to the use of the CA certificate ? Thanks for looking into this |
Hey @AndreMammes, Appreciate the detailed help. I dived into this and found the culprit and discrepancy between Terraform and the AWS CLI behaviour. In Terraform, the request being sent adds and Sigv4 signs the header Additionally, the proxy library I'm using detects this header as a transport artifact and "helpfully" removes it. I have since removed this behaviour and tested that the DynamoDB request works within Terraform now. Have a try with the latest release and let me know if that fixes your issue. |
I just fired up the VM and did a Went back to my test Terraform configuration, ran a Did I miss a step ? Thanks |
Apologies, I screwed up the module vendoring. Try to |
No worries :)
Does it install on your machine ? |
Looks like I screwed up my workspace altogether 😅 Try again now? |
Apply complete! Resources: 1 added, 0 changed, 0 destroyed. +1 very happy man :D I'll run the entire infrastructure (plan, apply, destroy) through iamlive today and tomorrow and post any new findings :) Thanks again for your efforts and fast response :) this project is a huge time saver ;) |
As the title says, we're getting this error when using iamlive, but only in proxy mode.
We're setting up AWS infrastructure via Terraform and the same code works just fine with iamlive in CSM mode.
I've noticed this error when working with DynamoDB resources, like tables. This simple configuration is enough to trigger it.
The complete error given by Terraform is:
Error: error creating DynamoDB Table: InvalidSignatureException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
If it helps, we're running:
I've used this tutorial as well, hoping to isolate iamlive from my local environment: https://dev.to/unfor19/determining-aws-iam-policies-according-to-terraform-and-aws-cli-27md
Could anyone point us in the right direction ?
Is there something that I'm doing wrong ?
The text was updated successfully, but these errors were encountered: