SigV4 Proxy with ECR not working #237

Open
vvash94 opened this issue Feb 13, 2025 · 0 comments

vvash94 commented Feb 13, 2025

Hi,

I'm trying to use SigV4 proxy to sign requests to ECR. I keep getting 401 Unauthorized as such:

time="2025-02-13T01:11:09Z" level=debug msg="signed request" region=us-west-2 service=ecr
time="2025-02-13T01:11:09Z" level=debug msg="proxying request" request="GET /v2/ HTTP/1.1\r\nHost: 388544741763.dkr.ecr.us-west-2.amazonaws.com\r\nTransfer-Encoding: identity\r\nAccept-Encoding: gzip\r\nAuthorization: AWS4-HMAC-SHA256 Credential=AKIAVU5YSIGB5TMJMD4X/20250213/us-west-2/ecr/aws4_request, SignedHeaders=host;x-amz-date, Signature=283e8e1333839eb903e3482d22f4a5d1058816f0a90c29b3ef13bba28a3bb35d\r\nConnection: close\r\nUser-Agent: harbor-registry-client\r\nX-Amz-Date: 20250213T011109Z\r\nX-Forwarded-For: 12.0.0.107\r\nX-Forwarded-Proto: http\r\nX-Real-Ip: 12.0.0.107\r\n\r\n"
time="2025-02-13T01:11:09Z" level=error msg="error proxying request" message="Not Authorized\n" request="GET https://388544741763.dkr.ecr.us-west-2.amazonaws.com/v2/" status_code=401
time="2025-02-13T01:14:57Z" level=debug msg="Initial request dump:" request="GET /manager/html HTTP/1.1\r\nConnection: close\r\nUser_agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36\r\n\r\n"
time="2025-02-13T01:14:57Z" level=info msg="DEBUG: Request Signature:\n---[ CANONICAL STRING  ]-----------------------------\nGET\n/manager/html\n\nhost:388544741763.dkr.ecr.us-west-2.amazonaws.com\nx-amz-date:20250213T011457Z\n\nhost;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\n---[ STRING TO SIGN ]--------------------------------\nAWS4-HMAC-SHA256\n20250213T011457Z\n20250213/us-west-2/ecr/aws4_request\n945d7b097e9fa72e94acf16cf3c5091735fc76baeb2f9f479b27aeca95b10137\n-----------------------------------------------------"

This is the command I'm using to run the proxy:

docker run --name aws-proxy -d -e 'AWS_ACCESS_KEY_ID=MY_ACCESS_KEY' -e 'AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY' -p 8080:8080 aws-sigv4-proxy -v --name ecr --region us-west-2 --host 388544741763.dkr.ecr.us-west-2.amazonaws.com

On the other hand, S3 requests seem to be working just fine when I run the proxy as follows:

docker run --name aws-proxy -d -e 'AWS_ACCESS_KEY_ID=MY_ACCESS_KEY' -e 'AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY' -p 8080:8080 aws-sigv4-proxy -v --name s3 --region us-west-2

I'm not sure what I'm missing. The IAM key does have access to pull from ECR. I am able to use the same to pull images from the AWS CLI.
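
Added example, not part of the original issue and not code from the aws-sigv4-proxy project: Python that rebuilds the SigV4 canonical request and string to sign printed in the debug log above, so the material the proxy signed (headers `host;x-amz-date`, scope `.../us-west-2/ecr/aws4_request`) can be reproduced and compared offline. The function names are hypothetical and the secret key is a constructed placeholder.

```python
import hashlib
import hmac

# Canonical string copied from the "CANONICAL STRING" section of the log above.
LOGGED_CANONICAL = (
    "GET\n/manager/html\n\n"
    "host:388544741763.dkr.ecr.us-west-2.amazonaws.com\n"
    "x-amz-date:20250213T011457Z\n\n"
    "host;x-amz-date\n"
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
)
LOGGED_SCOPE = "20250213/us-west-2/ecr/aws4_request"


def canonical_request(method, path, query, headers, body=b""):
    """Method, path, query, sorted lowercase headers, signed-header list, payload hash."""
    items = sorted((k.lower(), " ".join(v.split())) for k, v in headers.items())
    header_block = "".join(f"{k}:{v}\n" for k, v in items)
    signed = ";".join(k for k, _ in items)
    payload_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method, path, query, header_block, signed, payload_hash])


def string_to_sign(amz_date, scope, canonical):
    """Algorithm, timestamp, credential scope, SHA-256 of the canonical request."""
    digest = hashlib.sha256(canonical.encode()).hexdigest()
    return "\n".join(["AWS4-HMAC-SHA256", amz_date, scope, digest])


def signing_key(secret, date, region, service):
    """HMAC chain: AWS4+secret -> date -> region -> service -> aws4_request."""
    key = ("AWS4" + secret).encode()
    for part in (date, region, service, "aws4_request"):
        key = hmac.new(key, part.encode(), hashlib.sha256).digest()
    return key


def sign(secret, amz_date, scope, canonical):
    """Hex signature that would appear as Signature= in the Authorization header."""
    date, region, service, _ = scope.split("/")
    sts = string_to_sign(amz_date, scope, canonical).encode()
    return hmac.new(signing_key(secret, date, region, service), sts, hashlib.sha256).hexdigest()


if __name__ == "__main__":
    hdrs = {"Host": "388544741763.dkr.ecr.us-west-2.amazonaws.com",
            "X-Amz-Date": "20250213T011457Z"}
    rebuilt = canonical_request("GET", "/manager/html", "", hdrs)
    print("canonical request matches log:", rebuilt == LOGGED_CANONICAL)
    print(sign("EXAMPLE-SECRET-NOT-REAL", "20250213T011457Z", LOGGED_SCOPE, rebuilt))
```
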
