Skip to content

Credential should be scoped to a valid region, not 'execute-api'. #792

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
MaxiSantos opened this issue Nov 12, 2015 · 3 comments
Closed

Credential should be scoped to a valid region, not 'execute-api'. #792

MaxiSantos opened this issue Nov 12, 2015 · 3 comments
Labels
guidance Question that needs advice or information.

Comments

@MaxiSantos
Copy link

Hi guys. I have an issue and I don't know where this problem comes from.

I'm using select2 component along with csd. Select2 component allows me to load data from an external service while I'm typing on it. The problem is that when I get the response is a success but there is no data returned and if I look into the response tab on networking option on google chrome I see this error message:

{"__type":"#SignatureDoesNotMatch","error":{"message":"[Deprecated: Use the outer message field] Credential should be scoped to a valid region, not 'execute-api'. "},"message":"Credential should be scoped to a valid region, not 'execute-api'. "}

Debbugin the sdk I found this:

updateRegion: function updateRegion(request) {
                var endpoint = request.httpRequest.endpoint.hostname;
                var zones = endpoint.split(".");
                request.httpRequest.region = zones[1] || request.httpRequest.region;
            }

So, if you look at my endpoint (https://domain.execute-api.us-west-2.amazonaws.com/dev) you will see it's updating the region with "execute-api" value instead of "us-west-2". We are using a gateway because of the CORS issue.

This is the function I'm using with select2 component.

_transport = function (params, success, failure) {
       var csd = new AWS.CloudSearchDomain({
              endpoint: 'https://domain.execute-api.us-west-2.amazonaws.com/dev',
              region: 'us-west-2',
              accessKeyId: 'accessKeyId',
              secretAccessKey: 'secretAccessKey'
            }),
            csdParams = _prepareQuery(params);

          var searchRequest = csd.search(csdParams);
          searchRequest.
            on('success', function(response) {
              console.log("Success!" + response.data);
              params.success(response.data);
            }).
            on('error', function(response) {
              console.log("Error!" + response.data);
              params.error(searchRequest, "text status", "errorThrown");
            }).
            on('complete', function(response) {
              console.log("Always!" + response.data);
            }).
            send();
    return searchRequest;
}

Could someone point me a little where to find the issue?
@AdityaManohar
Copy link
Contributor

@MaxiSantos

This is going to be a little involved. To use API Gateway with CloudSearch Domain you will have to use API Gateway as an HTTP Proxy. The endpoint you will be making requests to is the endpoint of you CloudSearch domain (eg. search-foobar.us-west-2.cloudsearch.amazonaws.com). You cannot use API Gateway as an AWS Service Proxy because you will not be able to change the endpoint to which API Gateway makes requests.

Here are is a more detailed list of steps:

Setting up the API
  1. Create a resource and create a GET method on the resource.
  2. Select HTTP Proxy as the Integration type
  3. Put in the endpoint of your CloudSearch Domain in the endpoint field. Note the trailing path and query string. These are required.
    screen shot 2015-11-12 at 1 13 23 pm
  4. In the Method Execution pane, choose Method Request, and then choose the arrow next to URL Query String Parameters. This will allow you to add a query string
    screen shot 2015-11-12 at 1 19 52 pm
  5. Go back to the Method Execution pane and choose Integration Request and add a query string parameter mapping. Note that the query string name here must be q. This is as per the public CloudSearch Search API. This query string is mapped to whatever you specified in the previous screen.
    screen shot 2015-11-12 at 1 21 00 pm

Thats all you should need. Hit test and provide a query string parameter value for your query string.

Note: Don't forget to enable CORS on your API Gateway API.

Also your API Gateway API need not necessarily be a GET request. You can make that a POST with a JSON body and tunnel that as a GET request to your CloudSearch Domain endpoint. There's plenty of fancy stuff you can do here.

Making requests

You really don't need the SDK to make requests to your API Gateway resource endpoint. You can simply use jQuery.ajax() or something similar to make requests to the your endpoint which may look something similar to https://domain.execute-api.us-west-2.amazonaws.com/search.

I hope this helps explain things up a bit. I'd be happy to answer any other questions.

@chrisradek
Copy link
Contributor

Closing this issue, but feel free to comment or re-open if you have further questions.

@AdityaManohar AdityaManohar mentioned this issue Jan 13, 2016
Closed
@srchase srchase added guidance Question that needs advice or information. and removed Question labels Jan 4, 2019
@lock
Copy link

lock bot commented Sep 28, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@lock lock bot locked as resolved and limited conversation to collaborators Sep 28, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
guidance Question that needs advice or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@srchase @AdityaManohar @MaxiSantos @chrisradek