Authentication Failure When Using URLs with Embedded Secrets
If you are using the strongly discouraged mechanism of including the AWS key and secret in a URL, make sure that both "+" and "/" symbols are encoded in the URL. As many AWS secrets include these characters, encoding problems are not uncommon.
Use this table for conversion:
Symbol | Encoded Value |
---|---|
+ | %2B |
/ | %2F |
For example, a URL for an S3 bucket "bucket"
with AWS ID user1
and
secret a+b/c
will be represented as
s3a://user1:a%2Bb%2Fc@bucket
You only need to use this technique when placing secrets in the URL.