Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-27251

AWS EC2 by HTTP, SignatureDoesNotMatch for DescribeAlarms

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • None
    • 7.0.21
    • Templates (T)
    • AWS environment with Proxy performing DescribeAlarms operations running latest amzn2023

      Steps to reproduce:

      1. Either access_key and assume_role method for authentication - both have the same result.
      2. CloudWatch must have > 100 alarms, or any amount > MaxRecords (which is hard-coded to 100 in the script for "Get instance alarms data" item).

      This will generate paginated responses where the NextToken value becomes populated and is used to generate subsequent request signatures in the "request" method of the script.

      1. NextToken must get populated with an alarm name such as follows, with a special focus on either parens () and percent % characters (testing for brackets [] works fine):

      Example name:
      "NextToken":"[My][CW][Alarm] CPU % High (Critical)"

      1. Enable debugging/history retention on the item to observe the raw output / logs.

      Result:
      Request failed with status code 403: {"Error":{"Code":"SignatureDoesNotMatch","Message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation 

      Expected:

      1. "Get alarms check" becomes healthy
      2. "Get instance alarms data" gathers alarms tied to the Instance ID being monitored; or, it remains empty if none exist.

            zabbix.support Zabbix Support Team
            mattalvis Matt A
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: