Appendix b: Authenticating requests (Amazon signature version 2)

Important

This section describes how to authenticate requests using Amazon Signature Version 2. Signature Version 2 is being turned off (deprecated), Amazon S3 will only accept API requests that are signed using Signature Version 4. For more information, see Amazon Signature Version 2 Turned Off (Deprecated) for Amazon S3

Signature Version 4 is supported in all Amazon Web Services Regions, and it is the only version that is supported for new Regions. For more information, see Authenticating Requests (Amazon Signature Version 4) in the Amazon Simple Storage Service API Reference.

Amazon S3 offers you the ability to identify what API signature version was used to sign a request. It is important to identify if any of your workflows are utilizing Signature Version 2 signing and upgrading them to use Signature Version 4 to prevent impact to your business.

If you are using CloudTrail event logs(recommended option), please see Identifying Amazon S3 Signature Version 2 requests by using CloudTrail on how to query and identify such requests.
If you are using the Amazon S3 Server Access logs, see Identifying Signature Version 2 requests by using Amazon S3 access logs

Topics

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Setting access policy with SOAP

Authenticating requests using the REST API