问题
I am trying to perform some actions via linux aws CLI. My credentials file is 100% correct.
User has EC2FullAccess and Amdinistrative(highest rank) permissions. I am able to execute all commands.
The problem is that following regions produce AuthFailed error, rest regions work fine:
- Ohio
- Central
- Frankfurt
- Seoul
- London.
Those regions are all available to my account via web interface, and also aws ec2 describe-regions prints all of regions.
Creating instances, for example, via web interface in specified regions works fine as well.
Date of linux box that I use to access aws cli is set to it's hardware clock with only difference in clock format. Hardware clock is 12, while date command shows in 24 format.
----------------------Update---------------------------------
As i have just found problem is with Signature 4. Here is the problem:
""SignatureVersion":["2"] Signature Version 2 is not supported in regions that initially came into service in 2014 or later, which currently includes ap-northeast-2 and eu-central-1, as well as China. All regions support Signature Version 4, and newer regions only support V4. http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html "
But how do I use SignatureVersion 4 only via cli for my requests?
回答1:
Try updating to the latest version of the AWS CLI. Your installed AWS CLI may not be able to handle v4 signatures.
Per the documentation:
For all AWS regions, AWS SDKs use Signature Version 4 by default to authenticate requests. When using AWS SDKs that were released before May 2016, you may be required to request Signature Version 4
To check your current CLI version: aws --version
来源:https://stackoverflow.com/questions/44267553/aws-was-not-able-to-validate-the-provided-access-credentials-authfailed-only-at