AWS S3 on rails - how to set s3_signature_version parameter

Question

AWS S3 on rails - how to set s3_signature_version parameter

I am trying to configure Amazon Simple Storage Service for use with rails. I get an error message:

The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.

The problem is that I chose the Frankfurt S3 region, and only the V4 scheme is supported there. This is the same error message as in the this message, which directs you to the solution here , with instructions on how to “set: the s3_signature_version parameter to: v4 when building the client”. Command:

 s3 = AWS::S3::Client.new(:s3_signature_version => :v4)

My question is: how do I do this? Where can I put this code?

EDIT:

I tried to put :s3_signature_version => :v4 in carrier_wave.rb as follows, but while loading in heroku he said [fog][WARNING] Unrecognized arguments: s3_signature_version , and that didn't matter, I still get an error message.

configurations / Initializers / carrier_wave.rb:

  if Rails.env.production? CarrierWave.configure do |config| config.fog_credentials = { # Configuration for Amazon S3 :provider => 'AWS', :aws_access_key_id => ENV['S3_ACCESS_KEY'], :aws_secret_access_key => ENV['S3_SECRET_KEY'], :s3_signature_version => :v4 } config.fog_directory = ENV['S3_BUCKET'] end end

EDIT:

I created a new bucket using the Northern California region for which this should not be a problem, but I still get exactly the same error message.

EDIT:

It doesn't matter either:

  if Rails.env.production? CarrierWave.configure do |config| config.fog_credentials = { # Configuration for Amazon S3 :provider => 'AWS', :aws_access_key_id => ENV['S3_ACCESS_KEY'], :aws_secret_access_key => ENV['S3_SECRET_KEY'] } config.fog_directory = ENV['S3_BUCKET'] config.fog_attributes = {:s3_signature_version => :v4} end end

+5

ruby-on-rails amazon-s3 amazon-web-services

Bazley Jan 08 '15 at 19:19

source share

4 answers

schmijos · Answer 1 · 2015-01-12T19:25:44+0000

I had a problem that Spree v2.3 was bound to aws-sdk v1.27.0. But the s3_signature_version parameter was introduced in v1.31.0 (and set by default for China).

So, in my case, the complete configuration in Frankfurt was completely ignored:

 AWS.config( region: 'eu-central-1', s3_signature_version: :v4 )

mcdave · Answer 2 · 2016-07-20T13:03:00+0000

I found this old question from a different direction, trying to take advice at https://github.com/fog/fog/issues/3450 and set the signature to version 2 (to test the hypothesis). Delving to the source a bit , it turns out the magic phrase :aws_signature_version => 4 , like this:

  config.fog_credentials = { # Configuration for Amazon S3 :provider => 'AWS', :aws_access_key_id => ENV['S3_ACCESS_KEY'], :aws_secret_access_key => ENV['S3_SECRET_KEY'], :aws_signature_version => 4 }

user3535074 · Answer 3 · 2015-03-19T16:56:48+0000

I had the same problem and could not find any directions on where to implement the s3_signature_version :: v4 command.

In the end, I basically deleted the existing bucket in Frankfurt and created it in the standard American zone, and it works (after updating the permission policy applied to the user accessing the bucket to reflect that the bucket has changed).

I would like to have a bucket in Frankfurt, but I don’t have another 16 hours to spend laps on this issue, so if someone can add a little more guidance on how to enable the s3_signature_version :: v4 line, that would be great.

xsmet · Answer 4 · 2015-09-09T14:44:27+0000

For other users following the Michael Hartl Rails Tutorial: you (possibly *) need at least v 1.26 pearls of “fog”. Change your Gemfile accordingly and don't forget to “install the package”.

* The reason is that some S3 buckets require an authorization signature of version 4. In the future, probably all of them will be, and at least Frankfurt (zone eu-central-1) requires authorization v4. This is supported from fog v1.26: https://github.com/fog/fog/blob/v1.26.0/lib/fog/aws/storage.rb

AWS S3 on rails - how to set s3_signature_version parameter

More articles: