Signature mismatch on a signed AWS Lambda HTTP request to Neptune


Running the following Lambda returns this error:

The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method.

This is a NodeJS 18.x Lambda that tries to send an HTTP request to the Neptune writer endpoint. Lambda code:

import axios from 'axios';
import { SignatureV4 } from '@aws-sdk/signature-v4';
import { Sha256 } from '@aws-crypto/sha256-js';

const {
  AWS_ACCESS_KEY_ID,
  AWS_SECRET_ACCESS_KEY,
  AWS_SESSION_TOKEN
} = process.env;

const ocQuery = "MATCH%20(n)%20RETURN%20n";
const API_URL = "https://db-simplify-mvp-dev-instance-1.cwezylrm9ic8.us-east-1.neptune.amazonaws.com:8182/openCypher?query=" + ocQuery;

const apiUrl = new URL(API_URL);

const sigv4 = new SignatureV4({
  service: 'neptune-db',
  region: 'us-east-1',
  credentials: {
    accessKeyId: AWS_ACCESS_KEY_ID,
    secretAccessKey: AWS_SECRET_ACCESS_KEY,
    sessionToken: AWS_SESSION_TOKEN,
  },
  sha256: Sha256,
});


export const handler = async () => {
  
  const signed = await sigv4.sign({
    method: 'GET',
    hostname: apiUrl.host,
    path: apiUrl.pathname,
    protocol: apiUrl.protocol,
    headers: {
      'Content-Type': 'application/json',
      host: apiUrl.hostname, // compulsory
    }
  });

  try {
    const { result } = await axios({
      ...signed,
      url: API_URL, // compulsory
    });

    console.log('Successfully received result: ', result);
    return result;
  } catch (error) {
    console.log('An error occurred', error);

    throw error;
  }
};

The Lambda IAM execution role has the following policies:

AmazonEC2FullAccess
NeptuneFullAccess
AWSLambdaBasicExecutionRole
AmazonSSMReadOnlyAccess
AWSLambdaVPCAccessExecutionRole

VPC configuration:

The Neptune security group has an inbound rule allowing the Lambda security group on port 8182:

Tried using the POST method, same error. What am I missing?

aws-lambda amazon-vpc amazon-neptune aws-signature
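
Added example, not part of the original post: a dependency-free Node.js sketch of the SigV4 canonical request, comparing what a client signs when the signer is given only the path (as in the `sigv4.sign` call above) with what is canonicalized from the URL actually sent. The endpoint host is a constructed placeholder, and `canonicalRequest`, `canonicalFromWire` and `mismatchedLines` are names made up for this illustration.

```javascript
// SHA-256 of an empty body (GET without payload), a fixed well-known value.
const EMPTY_SHA256 = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855';

// SigV4 URI encoding: only A-Z a-z 0-9 - _ . ~ stay unencoded.
const enc = (s) => encodeURIComponent(s).replace(/[!'()*]/g,
  (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase());

// Canonical request for a body-less request. Assumption: the path needs no
// extra encoding (true for "/openCypher").
function canonicalRequest({ method, path, query = {}, headers }) {
  const q = Object.entries(query)
    .map(([k, v]) => [enc(k), enc(v)])
    .sort((a, b) => (a[0] < b[0] ? -1 : a[0] > b[0] ? 1 : 0))
    .map(([k, v]) => `${k}=${v}`).join('&');
  const h = Object.entries(headers)
    .map(([k, v]) => [k.toLowerCase(), String(v).trim().replace(/\s+/g, ' ')])
    .sort((a, b) => (a[0] < b[0] ? -1 : 1));
  return [method, path, q,
    h.map(([k, v]) => `${k}:${v}\n`).join(''),
    h.map(([k]) => k).join(';'), EMPTY_SHA256].join('\n');
}

// What the receiving side canonicalizes: the URL on the wire, query included.
function canonicalFromWire(method, url, headers) {
  const u = new URL(url);
  return canonicalRequest({ method, path: u.pathname,
    query: Object.fromEntries(u.searchParams), headers });
}

// Indexes of canonical-request lines that differ (2 = canonical query string).
function mismatchedLines(a, b) {
  const x = a.split('\n'), y = b.split('\n');
  const out = [];
  for (let i = 0; i < Math.max(x.length, y.length); i++)
    if (x[i] !== y[i]) out.push(i);
  return out;
}

// Constructed sample: placeholder endpoint, query string taken from the post.
const HOST = 'db.example.us-east-1.neptune.amazonaws.com:8182';
const URL_SENT = `https://${HOST}/openCypher?query=MATCH%20(n)%20RETURN%20n`;
const headers = { 'Content-Type': 'application/json', host: HOST };

const signedNoQuery = canonicalRequest({ method: 'GET', path: '/openCypher', headers });
const signedWithQuery = canonicalRequest({ method: 'GET', path: '/openCypher',
  query: { query: 'MATCH (n) RETURN n' }, headers });
const onWire = canonicalFromWire('GET', URL_SENT, headers);
console.log(mismatchedLines(signedNoQuery, onWire), mismatchedLines(signedWithQuery, onWire));
```

Any differing line changes the hash of the canonical request and therefore the final signature, so the index returned by `mismatchedLines` points at the part of the request to check first.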