1

I'm trying to create a topic in Ceph so that I can receive notifications when an object is uploaded to a bucket.

When I call the CreateTopic endpoint without any AWS credentials (as an anonymous user), the call succeeds.

However, in order to receive notifications on a topic, the topic and bucket must have the same owner. So, I need to create the topic as an authenticated user with credentials. However, using a different service name for the AWS authorization header, I either get a SignatureDoesNotMatch error or a NotImplemented error. I believe the NotImplemented error is inaccurate since the endpoint seems to be functioning when no credentials are passed.

How should I authorize this request to create a topic as a user?

I am using Insomnia REST client and Ceph 14.2.5.

The parameters used for the CreateTopic request

When the service is s3, results in a NotImplemented error

When the service is sns (or any other string, including a blank string), results in a SignatureDoesNotMatch error

When authentication is disabled, the request succeeds

Alexis Anand
  • 13
  • 1
  • 4
  • AWS [provide documentation for correctly signing requests to their apis](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). – CamM May 13 '20 at 06:03

1 Answers1

0

My issue was that I was trying AWS V2 and V4 authentication, but you need to use V3 with this endpoint.

Someone on the mailing list pointed me to this example of how to do it with Python: https://github.com/ceph/ceph/blob/master/examples/boto3/topic_with_endpoint.py

Alexis Anand
  • 13
  • 1
  • 4