I'm setting up an aws appmesh and seeing this error in the logs on each envoy proxy:
StreamAggregatedResources gRPC config stream closed: 16, The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details
There is an IAM role attached to the compute resource that I host the Proxy on (ECS Fargate) that has the arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess policy attached per the documentation.
I'm using the aws provided envoy image: xxxx.dkr.ecr.region.amazonaws.com/aws-appmesh-envoy:v1.15.0.0-prod
Any help would be appreciated! Matt
Hey @mattfrsn I resolved the issue by switching over service discovery type from AWS Cloud Map to DNS.
I simply entered my namespace name in the DNS config. e.g,
auth.local.demo.appI am not sure why App mesh is not able to discover using AWS Cloud Map config since both of them are pointing to the same thing.
FYI I am using internal name nameaspaces and my Envoy version in 1.16. I planning to switch to 17 though.
I resolved this issue by closely following this AWS App mesh ingress example