New to the community? Start here

Amazon S3 AWS4-HMAC-SHA256 authentication method is not supported

Hello,

Snapshot does not support the AWS4-HMAC-SHA256 authentication method.

AWS4-HMAC-SHA256, also known as Signature Version 4, (“V4”:wink: is one of two authentication schemes supported by S3.

All regions support V4, but US-Standard, and many — but not all — other regions, also support the other, older scheme, Signature Version 2 (“V2”:wink:.

According to http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html … new S3 regions deployed after January, 2014 will only support V4.

Since Frankfurt was introduced late in 2014, it does not support V2, which is why I can’t use Snapshot Pro for my Frankfurt bucket… that contains ALL my clients backups (I previously used BackupBuddy, which supports V4) :slight_frown:

Thu, 18 May 2017 7:56:44
More Snapshot Pro discussions
Snapshot Pro
  • Huberson
    • Recruit

    Hi miendo,

    Really sorry about that. I’m not actually sure which Signature Version used by Snapshot for AWS S3 bucket authentication but, I will see with the developer in charge for feedback and will give you an update once I get a response.

    Best,

    Huberson

  • Huberson
    • Recruit

    Hi,

    I have talked to developer about it and the problem is, because of some PHP compatibility requirements of the new AWS library, Signature Version V4 is not currently supported by Snapshot Pro.

    Since we are limited by the PHP version, I can’t really provide you with the specific date Signature Version 4 will be supported but, you should be aware of that if it were to be implemented with Snapshot.

    Kind regards,

    Huberson

  • miendo
    • The Reaper

    Thanks for the update, Huberson.

    I understand there are technical requirements, but this is a bit embarrassing for Snapshot Pro, since competing products have been supporting AWS V4 for quite a long time already (I’m currently using BackupBuddy, which supports it, but I’m considering moving to Snapshot Pro).

    So if I want to use Snapshot, I guess my only choice for now is to create a new S3 bucket in another region that still uses the “old” authentication method…

    Also, don’t forget that:

    According to http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html … new S3 regions deployed after January, 2014 will only support V4.

    So this will be more and more of an issue as time goes by…

  • Huberson
    • Recruit

    Hi miendo,

    I think US region still support V2 so, yes create an AWS S3 bucket in an older region is an option.

    As you said, at some point it will be more than a necessity to provide support for AWS Signature V4 in Snapshot. Our developers are aware of that so I think they will take care of it once they manage the compatibility issue.

    Great thanks for the additional info :slight_smile: