AWS SDK Credentials and Forward Slash

A rivalry that will never end

Kasun Dilunika
dtlpub
2 min read · Mar 4, 2020

Today I had to develop a simple Java component to integrate with my APIs and send an audit log message to an AWS SQS queue. I picked the task from the sprint backlog and started coding, thinking I could finish the task in a few hours. Yes, I did the coding within a few hours after going through the Spring and AWS documentation. I implemented three classes to reach my first testable iteration.

First, you have to configure Spring's JmsTemplate with the AWS SQS client. The following code snippet explains the steps of the configuration.

Then implement the SQS adaptor which uses JmsTemplate to send messages to the SQS queue.

Finally, use the SqsAdaptor in the controller to send a log message to the queue.

All good! I was now ready to test the piece of code. I configured AWS credentials in environment variables and ran the Spring Boot application. Then I sent a request to my /api/ping API, expecting an audit log message in the queue. But instead of a successful 200, I got the following 500 error as the response from the ping API.

{
"timestamp": "2020-03-04T20:30:10.597+0000",
"status": 500,
"error": "Internal Server Error",
"message": "Uncategorized exception occurred during JMS processing; nested exception is javax.jms.JMSException: AmazonServiceException: getQueueUrl. RequestId: 14df2e49-9415-53c2-8a8b-7893862eca11\nHTTPStatusCode: 403 AmazonErrorCode: SignatureDoesNotMatch"
}

I was pretty sure my AWS access and secret keys were correct. I went through several blog post tutorials on how to configure the SQS client with the credentials. I couldn't find anything wrong.

As usual, Stack Overflow gave me a hint that this is a common issue with the AWS S3 client. There are lots of posts about the SignatureDoesNotMatch error with S3 clients. Most people have faced this issue due to AWS access and secret key mismatches. However, one post described this error occurring because his secret key had a forward slash (/).

I followed the hint and regenerated my keys until I got a secret key that didn't have a forward slash. Bingo! It worked. It was that silly little forward slash that had wasted hours!!!

Once my issue was solved, I started digging around the internet to find out more details about it. I was surprised to see that this issue is there with most of the AWS SDKs. It is a surprise to see that a company like AWS has left this kind of issue unfixed. The issue has lasted for years now!!!

I don't know the gravity of the fix required in the AWS SDKs since I don't know the internal details. However, if this is something hard to fix, AWS should not generate secret keys that contain a forward slash (/). That would save developers hours of debugging time.
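SignatureDoesNotMatch means the signature the client computed differs from the one AWS computed from the stored secret. As an added example (not code from the original post or from any AWS SDK), the class below assumes Signature Version 4 signing and a 40-character secret, shows that a secret whose `/` was altered on the way into the process (URL-encoded here, as a constructed case) derives a different signing key, and checks what the JVM actually received in `AWS_SECRET_ACCESS_KEY`. The class name, region and date are illustrative.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class SecretKeyCheck {
    // Flags common ways a secret gets altered on its way into the process.
    // Assumption: secret keys are 40 characters from A-Z a-z 0-9 + /.
    static List<String> problems(String secret) {
        List<String> found = new ArrayList<>();
        if (secret == null) { found.add("secret is not set"); return found; }
        if (!secret.equals(secret.trim())) found.add("leading or trailing whitespace");
        if (secret.matches("(?i).*%2[BF].*")) found.add("looks URL-encoded (%2F or %2B)");
        if (secret.matches("^[\"'].*|.*[\"']$")) found.add("wrapped in quote characters");
        if (secret.contains("\\")) found.add("contains a backslash (escaped slash?)");
        if (secret.trim().length() != 40) found.add("length is " + secret.length() + ", expected 40");
        return found;
    }

    static byte[] hmac(byte[] key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
    }

    // Signature Version 4 signing-key derivation: every byte of the secret feeds the first HMAC.
    static byte[] signingKey(String secret, String date, String region, String service) throws Exception {
        byte[] kDate = hmac(("AWS4" + secret).getBytes(StandardCharsets.UTF_8), date);
        byte[] kRegion = hmac(kDate, region);
        byte[] kService = hmac(kRegion, service);
        return hmac(kService, "aws4_request");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values: AWS's documentation placeholder secret and a URL-encoded copy.
        String intact = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";
        String mangled = intact.replace("/", "%2F");
        byte[] a = signingKey(intact, "20200304", "us-east-1", "sqs");
        byte[] b = signingKey(mangled, "20200304", "us-east-1", "sqs");
        System.out.println("signing keys match: " + Arrays.equals(a, b));
        System.out.println("intact secret:  " + problems(intact));
        System.out.println("mangled secret: " + problems(mangled));
        // What the running process actually received:
        System.out.println("AWS_SECRET_ACCESS_KEY: " + problems(System.getenv("AWS_SECRET_ACCESS_KEY")));
    }
}
```

The check reports only the kind of problem it finds and never prints the secret itself, so its output is safe to paste into a ticket or build log.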

Kasun Dilunika
Software Architect at Digital Transformation, NZ