I am trying to download a file from an S3 bucket, but am seeing the following error:
api error InvalidArgument: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4.
However, when creating my S3 Client for the downloader, I am setting this to s3v4. Here is my code:
var getFileContent = func(ctx context.Context, s3Details S3Details, key string) (*manager.WriteAtBuffer, error) {
client := getS3Client(s3Details)
head, headerr := client.HeadObject(ctx, &s3.HeadObjectInput{Bucket: &s3Details.Bucket, Key: &key})
if headerr != nil {
return nil, headerr
}
buff := manager.NewWriteAtBuffer(make([]byte, 0, head.ContentLength))
_, err := manager.NewDownloader(client).Download(ctx, buff, &s3.GetObjectInput{
Bucket: aws.String(s3Details.Bucket),
Key: aws.String(key),
})
return buff, err
}
func getS3Client(s3Details S3Details) *s3.Client {
endpointResolver := aws.EndpointResolverWithOptionsFunc(func(service, region string, options ...interface{}) (aws.Endpoint, error) {
endpoint := aws.Endpoint{
PartitionID: "aws",
SigningRegion: s3Details.Region,
SigningMethod: s3Details.SignatureVersion,
}
if s3Details.EndpointUrl != "" {
endpoint.URL = s3Details.EndpointUrl
return endpoint, nil
} else {
return endpoint, &aws.EndpointNotFoundError{}
}
})
cfg, _ := config.LoadDefaultConfig(context.TODO(),
config.WithEndpointDiscovery(aws.EndpointDiscoveryEnabled),
config.WithEndpointResolverWithOptions(endpointResolver))
return s3.NewFromConfig(cfg, func(o *s3.Options) {
o.Region = s3Details.Region
o.Credentials = aws.AnonymousCredentials{}
o.UsePathStyle = true
})
}
Verified that s3Details.SignatureVersion is definitely set to s3v4. Is there something I'm missing here?
Using aws-sdk-go-v2