Results 1 to 6 of 6

Thread: Amanda 3.4.1 and AWS S3 Signature Version 4 (AWS4-HMAC-SHA256)

Threaded View

  1. #1
    Join Date
    Jan 2017
    Posts
    3

    Default Amanda 3.4.1 and AWS S3 Signature Version 4 (AWS4-HMAC-SHA256)

    Hello,

    I successfully configured amanda backup with Signature Version 2 in Amazon. Now I'm trying backup with Signature Version 4 because I need backup in another zone which supports only Version 4. And unsuccessful. The only difference in my configuration is an added param 'STORAGE_API' which I set to 'AWS4'.

    The service error is
    Code:
    slot 1: While creating new S3 bucket: The request signature we calculated does not match the signature you provided. Check your key and signing method. (SignatureDoesNotMatch) (HTTP 403)
    /etc/amanda/amanda.conf
    Code:
    org "my_backup"
    
    infofile "/var/lib/amanda/state/curinfo"
    logdir "/var/lib/amanda/state/log"
    indexdir "/var/lib/amanda/state/index"
    dumpuser "amandabackup"
    
    device_property "S3_ACCESS_KEY" "XXXXXXXXXXXXXXXXXXXXX"
    device_property "S3_SECRET_KEY" "SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS"
    device_property "S3_SSL" "YES"
    
    device_property "S3_HOST" "s3.amazonaws.com:443"
    device_property "STORAGE_API" "AWS4"
    device_property "VERBOSE" "YES"
    
    define changer "S3" {
      comment "S3 changer"
      changerfile "s3-statefile"
      tpchanger "chg-multi:s3:myrar-backup/test_backup/slot-{01,02,03,04,05,06,07,08,09,10}"
    }
    
    tpchanger "S3"
    
    autolabel "$c-$2s" volume-error empty
    
    tapecycle 7
    dumpcycle 5
    
    tapetype "S3"
    define tapetype S3 {
      comment "S3 Backup Bucket"
      length 10240 gbytes
    }
    
    define dumptype client-fast-gnutar-ssh {
        auth "ssh"
        ssh_keys "/var/lib/amanda/.ssh/amandabackup_id_rsa"
        compress client fast
        program "GNUTAR"
    }
    
    holdingdisk hd1 {
        directory "/var/lib/amanda/holding"
        use 500 mbytes
        chunksize 1 mbyte
    }
    Tested on Centos 7.2. As it worked "STORAGE_API" "S3" I suppose that amanda configuration and amazon permissions are correct.

    Any thoughts how to solve this problem?
    Last edited by Rustam; January 16th, 2017 at 03:38 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •