stackoom
  简体   繁体   中英

Signed CloudFront URL for a S3 bucket

 原文  2014-10-25 13:11:50       python/ amazon-web-services/ amazon-s3/ boto/ amazon-cloudfront

Question

I'm trying to create a signed CloudFront URL for an object in a Frankfurt S3 bucket (using the python library boto). This used to work very well with eu-west-1 buckets, but now I'm getting the following error message: 

<Error>
<Code>InvalidRequest</Code>
<Message>
The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
</Message>
...

I understand that new S3 locations need API requests to be signed using AWS4-HMAC-SHA256, but I can't find anything in the AWS documentation how this changes the creation of signed CloudFront URLs

Edit:

To clarify, the following code produces a signed URL without raising an error ... The error occurs when opening the created URL in the browser afterwards 

cf = cloudfront.CloudFrontConnection(aws_access_key_id=settings.AWS_ACCESS_KEY_ID,
                                     aws_secret_access_key=settings.AWS_SECRET_ACCESS_KEY)
distribution_summary = cf.get_all_distributions()[0]
distribution = distribution_summary.get_distribution()
return distribution.create_signed_url(url,
                                      settings.CLOUDFRONT_KEY_ID,
                                      int(time()) + expiration,
                                      private_key_file=settings.PRIVATE_KEY_FILE)

1 answers

solution1
 0 ACCPTED  2014-10-26 12:30:43

I found the issue, it was actually the cloud front distribution itself. It seems like moving the origin of the distribution which was already existing (for a long time) from an US bucket to an EU bucket didn't work out.

I created a new one with the same settings (except a new Origin Access Identity) and it worked without any issues.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cloudfront vs S3 signed URL and Boto3 Amazon S3 Signed URL and Cloudfront - Access Denied How to create a signed s3 url for requester pays bucket in python S3 Object upload to a private bucket using a pre-signed URL result in Access denied Is it possible to access a private s3 bucket objects without using a pre-signed URL? (boto3, python) How to upload video on S3 bucket using signed URL created by Python Boto v2.38.0? Python script to query the S3 CloudFront access logs from AWS Athena and import the select query to an S3 bucket how to get an image from the url video (stored on s3 bucket) Why Amazon S3 signed URL works locally but not on production server? How do I upload a file into S3 signed url with python?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM