在启用 SSE 的 FIFO 队列上调用 getQueueUrl() 结果为 403 / 对此队列的所有请求必须使用 HTTPS 和 SigV4

Invoking getQueueUrl() on FIFO Queue with SSE Enabled Results in 403 / All requests to this queue must use HTTPS and SigV4

我正在使用启用了 SSE 的 SQS FIFO 队列。当我使用 SQS 客户端调用 getQueueUrl() 时,抛出异常并显示消息 All requests to this queue must use HTTPS and SigV4.

使用最新版本的aws-java-sdk:

    <dependency>
        <groupId>com.amazonaws</groupId>
        <artifactId>aws-java-sdk</artifactId>
        <version>1.11.160</version>
    </dependency>

以下代码重现了该问题:

public class SimpleSqsClient {

    private static ClientConfiguration clientConfiguration() {
        ClientConfiguration clientConfiguration = new ClientConfiguration();
        clientConfiguration.setProxyHost("proxy.foo.com");
        clientConfiguration.setProxyPort(8099);
        clientConfiguration.setProxyUsername("username");
        clientConfiguration.setProxyPassword("password");
        clientConfiguration.setProtocol(Protocol.HTTP);
        clientConfiguration.setPreemptiveBasicProxyAuth(false);

        return clientConfiguration;
    }

    public static void main(String[] args) throws Exception {

        /*
         * The ProfileCredentialsProvider will return your [default] credential
         * profile by reading from the credentials file located at
         * (~/.aws/credentials).
         */
        AWSCredentials credentials = null;
        try {
            credentials = new ProfileCredentialsProvider().getCredentials();
        } catch (Exception e) {
            throw new AmazonClientException("Cannot load the credentials from the credential profiles file. "
                    + "Please make sure that your credentials file is at the correct "
                    + "location (~/.aws/credentials), and is in valid format.", e);
        }

        AmazonSQS sqs = AmazonSQSClientBuilder.standard().withClientConfiguration(clientConfiguration())
                .withCredentials(new ProfileCredentialsProvider("SOME_PROFILE"))
                .withRegion(Regions.US_EAST_1).build();

        System.out.println("===========================================");
        System.out.println("Simple SQS Test");
        System.out.println("===========================================\n");
        try {

            System.out.println(sqs.getQueueUrl("some-sse-enabled-queue.fifo"));

        } catch (AmazonServiceException ase) {
            System.out.println("Caught an AmazonServiceException, which means your request made it "
                    + "to Amazon SQS, but was rejected with an error response for some reason.");
            System.out.println("Error Message:    " + ase.getMessage());
            System.out.println("HTTP Status Code: " + ase.getStatusCode());
            System.out.println("AWS Error Code:   " + ase.getErrorCode());
            System.out.println("Error Type:       " + ase.getErrorType());
            System.out.println("Request ID:       " + ase.getRequestId());
        } catch (AmazonClientException ace) {
            System.out.println("Caught an AmazonClientException, which means the client encountered "
                    + "a serious internal problem while trying to communicate with SQS, such as not "
                    + "being able to access the network.");
            System.out.println("Error Message: " + ace.getMessage());
        }

    }
}

输出:

Caught an AmazonServiceException, which means your request made it to Amazon SQS, but was rejected with an error response for some reason.
Error Message:    All requests to this queue must use HTTPS and SigV4. (Service: AmazonSQS; Status Code: 403; Error Code: InvalidSecurity; Request ID: ...)
HTTP Status Code: 403
AWS Error Code:   InvalidSecurity
Error Type:       Client
Request ID:       ...

改变

clientConfiguration.setProtocol(Protocol.HTTP);

clientConfiguration.setProtocol(Protocol.HTTPS);

问题已解决