I'm setting up an ECS instance for my backend that interacts with DynamoDB tables
The tasks are running, the healthcheck has passed and the tasks have been assigned with a role that should grant access to those tables
But when I call the API to interact with the database, it shows me this error
InvalidSignatureException: Credential should be scoped to a valid region.
The role contains this policies https://i.sstatic.net/h1Q14.png
And this are the env variables for the task definition
"environment": [
{
"name": "AWS_REGION",
"value": "eu-west-2"
},
{
"name": "DATABASE_URL",
"value": "http://dynamodb.eu-west-2.amazonaws.com"
},
{
"name": "PORT",
"value": "3000"
},
{
"name": "REFERRAL_CHARS",
"value": "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
},
{
"name": "USERS_TABLE",
"value": "SparadoxUsers"
}
],
This is not an issue with roles, more so the request itself. Typically you would see this issue when you sign a request for 1 region (eu-west-1) and the you submit that request to a second region (eu-west-2).
My suggestion is to take a close look at how you make your API call and how you define the region and endpoint in your DynamoDB client.