Skip to content

Cross Region S3 Access using AWS_GLOBAL Endpoint No Longer Works #4912

New issue
New issue
Closed
Closed
Cross Region S3 Access using AWS_GLOBAL Endpoint No Longer Works#4912
Assignees
debora-ito
Labels
bugThis issue is a bug.closed-for-stalenessp1This is a high priority issue
@jjathman

Description

@jjathman
jjathman
opened on Feb 9, 2024

Describe the bug

I believe due to the change done for #4720, if a client is configured using the AWS_GLOBAL region and cross region access is enabled, a PUT to any region that is not US-EAST1 will now fail with an authorization error. This broke with BOM version 2.23.13.

Expected Behavior

This client configuration:

        S3AsyncClient.builder()
                .region(AWS_GLOBAL)
                .credentialsProvider(credentialsProvider)
                .crossRegionAccessEnabled(true)
                .build();

should be able to write to a bucket in any region. This worked prior to BOM version 2.23.13.

Current Behavior

The put will fail with an error like this:

The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-east-2' (Service: S3, Status Code: 400, Request ID: ABC, Extended Request ID: ABC123)
software.amazon.awssdk.services.s3.model.S3Exception: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-east-2' (Service: S3, Status Code: 400, Request ID: ABC, Extended Request ID: ABC123)
	at software.amazon.awssdk.protocols.xml.internal.unmarshall.AwsXmlPredicatedResponseHandler.handleErrorResponse(AwsXmlPredicatedResponseHandler.java:156)
	at software.amazon.awssdk.protocols.xml.internal.unmarshall.AwsXmlPredicatedResponseHandler.handleResponse(AwsXmlPredicatedResponseHandler.java:108)
	at software.amazon.awssdk.protocols.xml.internal.unmarshall.AwsXmlPredicatedResponseHandler.handle(AwsXmlPredicatedResponseHandler.java:85)
	at software.amazon.awssdk.protocols.xml.internal.unmarshall.AwsXmlPredicatedResponseHandler.handle(AwsXmlPredicatedResponseHandler.java:43)
	at software.amazon.awssdk.core.internal.handler.BaseClientHandler.lambda$successTransformationResponseHandler$7(BaseClientHandler.java:279)
	at software.amazon.awssdk.core.internal.http.async.AsyncResponseHandler.lambda$prepare$0(AsyncResponseHandler.java:92)

Reproduction Steps

Create a client as shown above using the current version of the SDK.

Possible Solution

Using US-EAST1 as the region instead of AWS_GLOBAL does also fix the problem, but this is a change in behavior that does not seem intended.

Additional Information/Context

No response

AWS Java SDK version used

2.23.21

JDK version used

Java 17

Operating System and version

macOS 14

Metadata

Metadata

Assignees

Labels

bugThis issue is a bug.closed-for-stalenessp1This is a high priority issue

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions