api error SignatureDoesNotMatch: when secret_access_key contains a slash
zoiman opened this issue · comments
- [ x] I am using the latest release of AWS Vault
- I have provided my
.aws/config
(redacted if necessary) - I have provided the debug output using
aws-vault --debug
(redacted if necessary)
I received the following error when I wanted to sls deploy with aws-vault:
aws-vault: error: login: profile : operation error IAM: GetUser, https response error StatusCode: 403, RequestID: c0e0251d-ff7a-48d0-8d7b-582b128ad954, api error SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
I realised that the generated secret key from aws which I was using contained a '/'.
So I generated a new access key with secret which did not contain a slash.
Now it works, so I assume that the issue was that the secret key was containing a /
Did the problem occur because of some escaping issue?
well I copy&pasted the secret key into the terminal when running aws-vault add
so I am not sure if there was some escaping issue there.
Can you reproduce the issue?
I can't reproduce. Reopen if you can
Hi,
I had the same issue with /
in the secret key but it only occurs when I'm on zsh in WSL but none with sh or bash. I'm using pass
as backend but I guess it should be the same with the default one:
export GPG_TTY=$(tty) # needed by the pass backend to open the authentication window within the shell
sh -c "aws-vault --backend=pass exec USER --"