chef - [chef] http_request head on S3 pre-signed URL gets 403 error

From: Jorge Bianquetti &lt; &gt;
To:
Subject: [chef] http_request head on S3 pre-signed URL gets 403 error
Date: Wed, 19 Jun 2013 20:49:36 +0200

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] http_request head on S3 pre-signed URL gets 403 error

Ohai!

I've been reading
http://docs.opscode.com/chef/resources.html#remote-file, and
implemented something like this:

local = "some_local_file"
remote = "pre-signed_S3_url"

remote_file local  do
  source remote
  action :nothing
end

http_request "HEAD #{remote}" do
  message ""
  url remote
  action :head
  if File.exists?(local)
    headers "If-Modified-Since" => File.mtime(local).httpdate
  end
  notifies :create, "remote_file[local]", :immediately
end

I get this response from chef-client:

FATAL: Net::HTTPServerException:
http_request[HEAD
https://mybucket.s3.amazonaws.com/develop/some.war?AWSAccessKeyId=AKIXXXXXXXXXXX&Expires=1543242415&Signature=8234962346239423949ygf89w]
(some::backend line 140) had an error: Net::HTTPServerException: 403
"Forbidden"

I supposed this an Chef issue, because all it's fine when I run:

wget -S
https://mybucket.s3.amazonaws.com/develop/some.war?AWSAccessKeyId=AKIXXXXXXXXXXX&Expires=1543242415&Signature=8234962346239423949ygf89w

Chef's versions on servers are  10.26.0 (soon, migration to chef11)

Thanks!

[chef] http_request head on S3 pre-signed URL gets 403 error, Jorge Bianquetti, 06/19/2013
- [chef] Re: http_request head on S3 pre-signed URL gets 403 error, Daniel DeLeo, 06/20/2013
- [chef] Re: http_request head on S3 pre-signed URL gets 403 error, Julian C. Dunn, 06/20/2013