Gravatar for

Question by ArthurN, Apr 23, 2019 6:55 PM

Push Source AWS There were headers present in the request which were not signed

We have a Coveo Cloud org that around April 10th 2019 started throwing errors when uploading files to AWS drop locations generated by Coveo for a push source:

"<Code>AccessDenied</Code><Message>There were headers present in the request which were not signed</Message><HeadersNotSigned>x-amz-server-side-encryption</HeadersNotSigned>"

Debugging the issue locally I can see that the API "{orgid}" is returning a success code in generating an upload location requiring encryption AES256 which when we attempt to upload a package with a parameter of "{x-amz-server-side-encryption=AES256}" it returns the above error.

We have made no code changes to this area of the application in well over 4 months. Is there some new requirement to utilize the AWS blob storage locations created by Coveo? Were these urls presigned previously?

Gravatar for

Comment by amoreau, Apr 23, 2019 7:29 PM

Hey Arthur,

Are you using the headers Coveo returns when pushing your content to AWS? In the response to /organizations/{orgid}/files, you should have a "requiredHeaders" value, containing the headers you should use to push your data. Typically, this should be:

    "x-amz-server-side-encryption": "AES256",
    "Content-Type": "application/octet-stream"

You can find more information about this call here:!/File32Container/post_organizations_organizationId_files

0 Reply
Ask a question