Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Presigned requests generated by [email protected] fail with an Unauthorized error #7486

Closed
cPu1 opened this issue Jan 19, 2024 · 0 comments · Fixed by #7487
Closed

Presigned requests generated by [email protected] fail with an Unauthorized error #7486

cPu1 opened this issue Jan 19, 2024 · 0 comments · Fixed by #7487
Assignees
@cPu1
Labels
kind/bug

Comments

@cPu1
Copy link
Contributor

cPu1 commented Jan 19, 2024

When building eksctl with the latest release of aws-sdk-go-2, API server requests containing URLs presigned by sts.PresignClient fail with an Unauthorized error.

[email protected] now adds an extra header amz-sdk-request to the generated request, but this header is not allow-listed by aws-iam-authenticator server running on the control plane. This is likely due to this change which reorders the middleware operations to execute RetryMetricsHeader before Signing.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cPu1 cPu1

Labels
kind/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix generating presigned URL for K8s authentication cPu1/eksctl
1 participant
@cPu1