I'm trying to add an ingress rule to one of my security groups. All I'm trying to do is add my IP address 192.88.137.28 to my EC2 security group sg-fakegrpid.
User Type: IAM
region: eu-west-1
So, should I make the endpoint ec2.eu-west-1.amazonaws.com/ instead of ec2.amazonaws.com/?
This is a signed request & encoded as well.
https://ec2.amazonaws.com/?AWSAccessKeyId=THISISFAKEAWSDRACULA
&Action=AuthorizeSecurityGroupIngress
&GroupId=sg-fakegrpid
&IpPermissions.1.FromPort=3389
&IpPermissions.1.IpProtocol=tcp
&IpPermissions.1.IpRanges.1.CidrIp=192.88.137.28%2F32
&IpPermissions.1.ToPort=3389
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2014-06-09T10%3A57%3A31Z
&Signature=hIKzcwPDdYKw4HsxozCFzzzzl8LxzsdC6XlX83DV4NU=
I use the Java SDK to create the signature. Here's the link to it.
http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
When I run the URL given above in the browser, I get the following response.
The requested version (2005-10-05) of service AmazonEC2 does not exist
Then I visited this page http://associates-amazon.s3.amazonaws.com/signed-requests/helper/index.html
I generated a signed URL from there, but the signature is different from the above URL's signature.
http://ec2.amazonaws.com/onca/xml?AWSAccessKeyId=THISISFAKEAWSDRACULA
&Action=AuthorizeSecurityGroupIngress
&GroupId=sg-fakegrpid
&IpPermissions.1.FromPort=3389
&IpPermissions.1.IpProtocol=tcp
&IpPermissions.1.IpRanges.1.CidrIp=192.88.137.28%2F32
&IpPermissions.1.ToPort=3389
&SignatureMethod=HmacSHA256&SignatureVersion=2
&Timestamp=2014-06-09T11%3A22%3A14.000Z
&Signature=hr%2FwZBMi3duJpOgud6Hzx2MIhd8QUuqzockqyysRQCY%3D
But I get the same error as before.
This is the string to sign:
GET
ec2.amazonaws.com
AWSAccessKeyId=THISISFAKEAWSDRACULA
&Action=AuthorizeSecurityGroupIngress
&GroupId=sg-fakegrpid
&IpPermissions.1.FromPort=3389
&IpPermissions.1.IpProtocol=tcp
&IpPermissions.1.IpRanges.1.CidrIp=192.88.137.28%2F32
&IpPermissions.1.ToPort=3389
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2014-06-09T11%3A22%3A14.000Z
I added this '&Version=2014-05-01' and everything worked fine.
This parameter is used to specify the version of the service we are trying to use. This is the latest version of EC2.
When I don't mention a specific version, AWS looks for this version (2005-10-05) of the service and, maybe, it does not exist.
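How the `Version` parameter fits into the Signature Version 2 string to sign for the request above, shown as an added example that is not part of the original post or the AWS SDK. The secret key is a constructed placeholder and the function names are hypothetical; the sketch follows the string-to-sign layout from the signature-version-2 documentation linked in the question.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

# Constructed placeholder; never embed a real secret key in source.
SECRET_KEY = "constructed-secret-for-example-only"
SAFE = "-_.~"  # RFC 3986 unreserved characters stay unencoded

# Parameters from the request on this page, plus the Version fix.
PARAMS = {
    "AWSAccessKeyId": "THISISFAKEAWSDRACULA",
    "Action": "AuthorizeSecurityGroupIngress",
    "GroupId": "sg-fakegrpid",
    "IpPermissions.1.FromPort": "3389",
    "IpPermissions.1.IpProtocol": "tcp",
    "IpPermissions.1.IpRanges.1.CidrIp": "192.88.137.28/32",
    "IpPermissions.1.ToPort": "3389",
    "SignatureMethod": "HmacSHA256",
    "SignatureVersion": "2",
    "Timestamp": "2014-06-09T11:22:14.000Z",
    "Version": "2014-05-01",
}

def canonical_query(params):
    """Sort by parameter name and percent-encode names and values."""
    pairs = sorted(params.items())
    return "&".join(f"{quote(k, safe=SAFE)}={quote(str(v), safe=SAFE)}" for k, v in pairs)

def string_to_sign(method, host, path, params):
    """Four lines: HTTP verb, lowercase host, path, canonical query."""
    return "\n".join([method.upper(), host.lower(), path or "/", canonical_query(params)])

def sign_v2(secret_key, method, host, path, params):
    """Base64-encoded HmacSHA256 over the string to sign."""
    msg = string_to_sign(method, host, path, params).encode()
    digest = hmac.new(secret_key.encode(), msg, hashlib.sha256).digest()
    return base64.b64encode(digest).decode()

def signed_url(secret_key, host, params, path="/"):
    """Build the GET URL; Version must be present before signing."""
    if "Version" not in params:
        raise ValueError("Version missing; it is part of the signed query")
    sig = sign_v2(secret_key, "GET", host, path, params)
    return f"https://{host}{path}?{canonical_query(params)}&Signature={quote(sig, safe=SAFE)}"
```

Because `Version` is inside the signed query, appending it to an already signed URL invalidates the signature; it has to be added before the signature is computed.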