nodejs client s3 getSignedUrl gives Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4

Question

I'm generating a presigned url to an s3 bucket using the following code

  const presignedUrl = s3.getSignedUrl('getObject', {
    Bucket: config.parsedResumeDestination,
    Key: tmpKey,
    Expires: 60 * 60 * 60 // 1 hour
  });

However when I just copy past the generated url on the browser I get the following error

Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4

I saw the following solution How to generate AWS S3 pre-signed URL using signature version 4, however the nodejs client for aws does not seem to have this property. Can someone please tell me what is going wrong here?

score 3 · Answer 1 · answered Jul 11 '20 at 23:23

When you construct the s3 service object, pass in a signatureVersion.

Here is one way to do it:

const AWS = require("aws-sdk");
const s3 = new AWS.S3({
  signatureVersion: "v4",
  ...credentials
})

There are lots of options when constructing AWS service objects and they are mostly universal: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property

nodejs client s3 getSignedUrl gives Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4

1 Answers1