Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-15094

InvalidSignatureException thrown while connecting to AWS SQS

XMLWordPrintable

      On OCP 4.5, with both URI and properties based configuration, I observed following error while running simple integration with kamelet aws-sqs-source https://github.com/openshift-integration/kamelet-catalog/blob/master/aws-sqs-source.kamelet.yaml :

      2020-10-20 20:48:37,315 ERROR [org.apa.cam.qua.mai.CamelMainRuntime] (main) Failed to start application: org.apache.camel.RuntimeCamelException: org.apache.camel.VetoCamelContextStartException: Failure creating route from template: aws-sqs-source
[1]     at org.apache.camel.RuntimeCamelException.wrapRuntimeException(RuntimeCamelException.java:66)
[1]     at org.apache.camel.support.service.BaseService.doFail(BaseService.java:409)
[1]     at org.apache.camel.support.service.BaseService.fail(BaseService.java:338)
[1]     at org.apache.camel.support.service.BaseService.init(BaseService.java:88)
[1]     at org.apache.camel.impl.engine.AbstractCamelContext.init(AbstractCamelContext.java:2452)
[1]     at org.apache.camel.support.service.BaseService.start(BaseService.java:111)
[1]     at org.apache.camel.impl.engine.AbstractCamelContext.start(AbstractCamelContext.java:2469)
[1]     at org.apache.camel.quarkus.main.CamelMain.doStart(CamelMain.java:75)
[1]     at org.apache.camel.support.service.BaseService.start(BaseService.java:115)
[1]     at org.apache.camel.quarkus.main.CamelMain.startEngine(CamelMain.java:120)
[1]     at org.apache.camel.quarkus.main.CamelMainRuntime.start(CamelMainRuntime.java:49)
[1]     at org.apache.camel.quarkus.core.CamelBootstrapRecorder.start(CamelBootstrapRecorder.java:45)
[1]     at io.quarkus.deployment.steps.CamelBootstrapProcessor$boot-173480958.deploy_0(CamelBootstrapProcessor$boot-173480958.zig:101)
[1]     at io.quarkus.deployment.steps.CamelBootstrapProcessor$boot-173480958.deploy(CamelBootstrapProcessor$boot-173480958.zig:40)
[1]     at io.quarkus.runner.ApplicationImpl.doStart(ApplicationImpl.zig:523)
[1]     at io.quarkus.runtime.Application.start(Application.java:90)
[1]     at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:91)
[1]     at io.quarkus.runtime.Quarkus.run(Quarkus.java:61)
[1]     at io.quarkus.runtime.Quarkus.run(Quarkus.java:38)
[1]     at io.quarkus.runtime.Quarkus.run(Quarkus.java:106)
[1]     at io.quarkus.runner.GeneratedMain.main(GeneratedMain.zig:29)
[1] Caused by: org.apache.camel.VetoCamelContextStartException: Failure creating route from template: aws-sqs-source
[1]     at org.apache.camel.component.kamelet.KameletComponent$LifecycleHandler.onContextInitialized(KameletComponent.java:213)
[1]     at org.apache.camel.impl.engine.AbstractCamelContext.doInit(AbstractCamelContext.java:2684)
[1]     at org.apache.camel.quarkus.core.FastCamelContext.doInit(FastCamelContext.java:468)
[1]     at org.apache.camel.support.service.BaseService.init(BaseService.java:83)
[1]     ... 17 more
[1] Caused by: org.apache.camel.FailedToCreateRouteException: Failed to create route aws-sqs-source-CAA2F961E714F04-0000000000000000: Route(aws-sqs-source-CAA2F961E714F04-0000000000000000)[From[... because of Failed to resolve endpoint: aws2-sqs://myq?accessKey=AKIA5QYYYYY&deleteAfterRead=true&region=us-west-1&secretKey=xxxxxx due to: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
[1] 
[1] The Canonical String for this request should have been
[1] 'POST
[1] /
[1] 
[1] amz-sdk-invocation-id:a991309c-14dd-f4d7-4efa-1c9de2c0154b
[1] amz-sdk-retry:0/0/
[1] content-length:36
[1] content-type:application/x-www-form-urlencoded; charset=utf-8
[1] host:sqs.us-west-1.amazonaws.com
[1] x-amz-date:20201020T204836Z
[1] 
[1] amz-sdk-invocation-id;amz-sdk-retry;content-length;content-type;host;x-amz-date
[1] 48a38266faf90970d6c7fea9b15e6ba366e5f6397c2970fc893f8a7b5e207bd0'
[1] 
[1] The String-to-Sign should have been
[1] 'AWS4-HMAC-SHA256
[1] 20201020T204836Z
[1] 20201020/us-west-1/sqs/aws4_request
[1] 6212368a0268e3bd93ad92632b81a0bc3d7e29d29adad512b550ad1d73cfe1cf'
[1]  (Service: Sqs, Status Code: 403, Request ID: 5b431fff-4a98-5929-b0f8-47f605fef026, Extended Request ID: null)
[1]     at org.apache.camel.reifier.RouteReifier.createRoute(RouteReifier.java:118)
[1]     at org.apache.camel.quarkus.core.FastCamelContext.startRouteDefinitions(FastCamelContext.java:830)
[1]     at org.apache.camel.component.kamelet.KameletComponent$LifecycleHandler.createRouteForEndpoint(KameletComponent.java:256)
[1]     at org.apache.camel.component.kamelet.KameletComponent$LifecycleHandler.onContextInitialized(KameletComponent.java:211)
[1]     ... 20 more
[1] Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve endpoint: aws2-sqs://myq?accessKey=AKIA5QMMQFYYYY&deleteAfterRead=true&region=us-west-1&secretKey=xxxxxx due to: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

      I used non-capital letters for region parameter, viz ENTESB-15093.

      I observed the same issue also if I didn't create the queue.

            nicolaferraro Nicola Ferraro (Inactive)
            lfabriko@redhat.com Lucie Krejcirova
            Lucie Krejcirova Lucie Krejcirova
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: