We are doing a service callout to AWS KMS and below is our SC code:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ServiceCallout continueOnError="false" enabled="true" name="SC-AWSSign">
    <DisplayName>SC-AWSSign</DisplayName>
    <Properties/>
    <Request>
        <Set>
            <Headers>
                <Header name="X-Amz-Target">TrentService.Sign</Header>
                <Header name="Content-Type">application/x-amz-json-1.1</Header>
                <Header name="X-Amz-Content-Sha256">beaead3198f7da13ab969765e08b24fc913697e929e726aeaebf0eba3</Header>
                <Header name="X-Amz-Date">20220727T113413Z</Header>
                <Header name="Authorization">AWS4-HMAC-SHA256 Credential=AKIST2KDSDA6T5BN67L/20220727/us-east-1/kms/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target, Signature=3de8ab17d924b424222e502e51f474596eb8eb37a832b2bc7178f48d7b3271</Header>
            </Headers>
            <Verb>POST</Verb>
            <Payload contentType="application/json">
{"KeyId":"23c29362-cd00-4c9c-803f-c1ee961be6c3",
"Message": "ZXlKaGJHY2lPaUFpVWxNeU5UWWlMQ0FpZEhsd0lqb2dJa3BYVkNKOS5leUpwWVhRaU9pQXhOalU0T0RJNE9EZ3dMQ0FpWlhod0lqb2dNVFkxT0Rnek1qUTRNQ3dnSW5OMVlpSTZJQ0l3YjJFeE9UbGxhR3Q0YzJRd1MxcEVhVEJvT0NJc0lDSnBjM01pT2lBaU1HOWhNVGs1WldocmVITmtNRFEZ2lMQ0FpWVhWa0lqb2dJbWgwZEhCek9pOHZiVzFqTG05cmRHRndjbVYyYVdWM0xtTnZiUzl2WVhWMGFESXZkakV2ZEc5clpXNGlMQ0FpYW5ScElqb2dJakJtWVdaaVltUTRMV05qTW1FdE5EbGlaaTFpT1ROakxURXdNMkZqT0dJM1pHTTROeUo5",
"SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
}
            </Payload>
        </Set>
    </Request>
    <Response>awsresponse</Response>
    <HTTPTargetConnection>
        <Properties/>
        <URL>https://kms.us-east-1.amazonaws.com?Action=Sign</URL>
    </HTTPTargetConnection>
</ServiceCallout>
This code is giving the error below.
{
  "fault": {
    "faultstring": "Execution of ServiceCallout SC-AWSSign failed. Reason: ResponseCode 403 is treated as error",
    "detail": {
      "errorcode": "steps.servicecallout.ExecutionFailed"
    }
  }
}
Is this because we are using https and AWS is rejecting the request, or is there a firewall issue which is causing this problem?
Just to add, we are using Apigee hybrid.
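Added example, not from the original post: a Python derivation of the three SigV4 values the policy above hard-codes (X-Amz-Content-Sha256, X-Amz-Date and the Authorization header) for exactly this KMS Sign request, so each value can be recomputed and compared with what the callout sends; the access key and secret are constructed placeholders.

```python
import hashlib
import hmac

REGION, SERVICE = "us-east-1", "kms"
HOST = f"kms.{REGION}.amazonaws.com"


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def signing_key(secret: str, date_stamp: str) -> bytes:
    """SigV4 key derivation: kSecret -> kDate -> kRegion -> kService -> kSigning."""
    k_date = _hmac(("AWS4" + secret).encode("utf-8"), date_stamp)
    k_region = _hmac(k_date, REGION)
    return _hmac(_hmac(k_region, SERVICE), "aws4_request")


def sign_kms_request(access_key, secret, payload, amz_date, query=""):
    """Compute the three headers the ServiceCallout hard-codes for this payload.

    `payload` must be the exact text Apigee sends (newlines and indentation included)
    and `query` must equal the URL's query string (e.g. "Action=Sign"), otherwise KMS
    computes a different signature and answers 403.
    """
    date_stamp = amz_date[:8]  # the YYYYMMDD part of X-Amz-Date
    payload_hash = hashlib.sha256(payload.encode("utf-8")).hexdigest()
    # Headers covered by the signature, lower-cased and sorted; SignedHeaders lists them.
    headers = {
        "content-type": "application/x-amz-json-1.1",
        "host": HOST,
        "x-amz-content-sha256": payload_hash,
        "x-amz-date": amz_date,
        "x-amz-target": "TrentService.Sign",
    }
    signed_headers = ";".join(headers)
    canonical_headers = "".join(f"{k}:{v}\n" for k, v in headers.items())
    canonical_request = "\n".join(
        ["POST", "/", query, canonical_headers, signed_headers, payload_hash])
    scope = f"{date_stamp}/{REGION}/{SERVICE}/aws4_request"
    string_to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                                hashlib.sha256(canonical_request.encode()).hexdigest()])
    signature = hmac.new(signing_key(secret, date_stamp),
                         string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
    authorization = (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
                     f"SignedHeaders={signed_headers}, Signature={signature}")
    return {"X-Amz-Content-Sha256": payload_hash, "X-Amz-Date": amz_date,
            "Authorization": authorization}
```

A signature computed for a fixed X-Amz-Date only validates within AWS's clock-skew window around that timestamp, so a policy that hard-codes these values stops working shortly after it is deployed; they need to be computed per request, with the secret kept out of the policy itself.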
With your modifications, it looks right to me. If I were diagnosing this I would want to print out awsresponse.content. You said it is not visible in trace by default, and I understand what you mean. You could add a policy to explicitly show it in trace, like this:
<AssignMessage name='AM-Diagnostics'>
    <AssignVariable>
        <Name>diagnostics</Name>
        <Ref>awsresponse.content</Ref>
    </AssignVariable>
</AssignMessage>
You are able to see the signature, and it is correct?