sigv4 for Lattice unsigned-payload not supported for http requests #5103
Labels
feature-request
A feature should be added or improved.
service-api
This issue is due to a problem in a service API, not the SDK implementation.
Describe the bug
When making http (not https) requests to lattice, the payload will always be signed because the signing logic will always sign the body when the protocol http and a streaming body is present. This isn't compatible with VPC Lattice which allows for GRPC over HTTP.
Expected Behavior
requests to be signed with 'x-amz-content-sha256: UNSIGNED-PAYLOAD'
Current Behavior
-H 'x-amz-content-sha256: STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD'
Reproduction Steps
will print out some headers, notably
Possible Solution
In DefaultAwsCrtS3V4aSigner (and other signers) change logic to something like
to prioritize user choice
or look at
AwsSignerExecutionAttribute.SERVICE_SIGNING_NAME == vpc-lattice-svcs
to decide if the request body should be signed.Additional Information/Context
No response
AWS Java SDK version used
2.21.20
JDK version used
21.0.2
Operating System and version
macOS 14.4.1
The text was updated successfully, but these errors were encountered: