我想让一个lambda在另一个区域调用一个Sagemaker实例。如果两者都在同一地区,一切正常。如果不是,我会收到以下错误:
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'POST
/endpoints/foo-endpoint/invocations
host:runtime.sagemaker.us-east-1.amazonaws.com
x-amz-date:20180406T082536Z
host;x-amz-date
1234567890foobarfoobarfoobarboofoobarfoobarfoobarfoobarfoobarfoo'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20180406T082536Z
20180406/us-east-1/sagemaker/aws4_request
987654321abcdeffoobarfoobarfoobarfoobarfoobarfoobarfoobarfoobarf'
我使用aws-requests-auth(0.4.1)和boto3(1.5.15 - 更新到1.7.1没有改变任何东西,changelog),如下所示:
import requests
from aws_requests_auth.aws_auth import AWSRequestsAuth
auth = AWSRequestsAuth(aws_access_key=config['AWS']['ACCESS_KEY'],
aws_secret_access_key=(
config['AWS']['SECRET_ACCESS_KEY']),
aws_host=config['AWS']['HOST'],
aws_region=config['AWS']['REGION'],
aws_service=config['AWS']['SERVICE'])
payload = {'foo': 'bar'}
response = requests.post(post_url,
data=json.dumps(payload),
headers={'content-type': 'application/json'},
auth=auth)
打印auth仅提供<aws_requests_auth.aws_auth.AWSRequestsAuth object at 0x7f9d00c98390>。
有没有办法打印&#34; Canonical String&#34;在错误消息中提到?
(任何其他想法如何解决这个问题也很受欢迎)
答案 0 :(得分:1)
解决问题的解决方法:
req = requests.request('POST', 'http://httpbin.org/get')
req.body = b''
req.method = ''
print(auth.get_aws_request_headers(req,
aws_access_key=auth.aws_access_key,
aws_secret_access_key=auth.aws_secret_access_key,
aws_token=auth.aws_token))
但问题并未解决。现在我想知道auth.get_aws_request_headers的第一个论点是什么。