How to fix “AuthorizationHeaderMalformed when calling the GetObject operation” error in AWS s3 boto3

Question 1

When I try to run very simple Python script to get object from s3 bucket:

import boto3

s3 = boto3.resource('s3',
 region_name="eu-east-1",
 verify=False,
 aws_access_key_id="QxxxxxxxxxxxxxxxxxxxxxxxxFY=",
 aws_secret_access_key="c1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxYw==")

obj = s3.Object('3gxxxxxxxxxxs7', 'dk5xxxxxxxxxxn94')
result = obj.get()['Body'].read().decode('utf-8')

print(result)

1

2

3

4

5

6

7

8

9

10

11

12

13

import boto3

s3 = boto3.resource('s3',

region_name="eu-east-1",

verify=False,

aws_access_key_id="QxxxxxxxxxxxxxxxxxxxxxxxxFY=",

aws_secret_access_key="c1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxYw==")

obj = s3.Object('3gxxxxxxxxxxs7', 'dk5xxxxxxxxxxn94')

result = obj.get()['Body'].read().decode('utf-8')

print(result)

I got an error:

$ python3 script.py

Traceback (most recent call last):
  File "script.py", line 7, in <module>
    result = obj.get()['Body'].read().decode('utf-8')
  File "//anaconda3/lib/python3.7/site-packages/boto3/resources/factory.py", line 520, in do_action
    response = action(self, *args, **kwargs)
  File "//anaconda3/lib/python3.7/site-packages/boto3/resources/action.py", line 83, in __call__
    response = getattr(parent.meta.client, operation_name)(**params)
  File "//anaconda3/lib/python3.7/site-packages/botocore/client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "//anaconda3/lib/python3.7/site-packages/botocore/client.py", line 661, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: 

An error occurred (AuthorizationHeaderMalformed) 
when calling the GetObject operation:
 The authorization header is malformed; the authorization component 
"Credential=QUtJxxxxxxxxxxxxxxxxxlZPUFY=/20191005/us-east-1/s3/aws4_request" 
is malformed.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

$ python3 script.py

Traceback (most recent call last):

File "script.py", line 7, in

result = obj.get()['Body'].read().decode('utf-8')

File "//anaconda3/lib/python3.7/site-packages/boto3/resources/factory.py", line 520, in do_action

response = action(self, *args, **kwargs)

File "//anaconda3/lib/python3.7/site-packages/boto3/resources/action.py", line 83, in __call__

response = getattr(parent.meta.client, operation_name)(**params)

File "//anaconda3/lib/python3.7/site-packages/botocore/client.py", line 357, in _api_call

return self._make_api_call(operation_name, kwargs)

File "//anaconda3/lib/python3.7/site-packages/botocore/client.py", line 661, in _make_api_call

raise error_class(parsed_response, operation_name)

botocore.exceptions.ClientError:

An error occurred (AuthorizationHeaderMalformed)

when calling the GetObject operation:

The authorization header is malformed; the authorization component

"Credential=QUtJxxxxxxxxxxxxxxxxxlZPUFY=/20191005/us-east-1/s3/aws4_request"

is malformed.

I’m not sure what can be causing it, worth adding that:

I don’t know what is the bucket region (don’t ask why) but I tried manually to connect to all of them (by changing default region name in command to every region) and without success.
I don’t have access to bucket configuration. And anything that is in aws console. I just have the Key ID, Secret, bucket name and object name.

Question 2

An AWS-Access-Key-ID always begins with AKIA for IAM users or ASIA for temporary credentials from Security Token Service, as noted in IAM Identifiers in the AWS Identity and Access Management User Guide.

The value you’re using does not appear to be one of these, since it starts with QUtJ… so this it isn’t the value you should be using here. You appear to be using something that isn’t an AWS-Access-Key-ID.

How to fix “AuthorizationHeaderMalformed when calling the GetObject operation” error in AWS s3 boto3

Question:

Answer:

Leave a Reply Cancel reply