Backend DevelopmentGolangNeptune throws bad handshake error when connecting to IAM enabled Neptune instanceNeptune throws bad handshake error when connecting to IAM enabled Neptune instance
It is a common problem for Neptune to throw an error handshake error when connecting to an IAM-enabled Neptune instance. IAM (Identity and Access Management) is a feature of Amazon Web Services (AWS) that manages and controls access to AWS resources. However, you may encounter handshake errors when trying to connect to an IAM-enabled Neptune instance. This error may be caused by incorrect permissions on the IAM role or the Neptune instance being set up incorrectly. In response to this problem, this article will introduce in detail how to solve this error to ensure a smooth connection to the IAM-enabled Neptune instance.
Question content
I have an aws neptune instance with iam enabled, I am able to perform CRUD operations without authentication, but when I enable authentication, it Throws error in handshake error log.
Note: The lambda function has full neptune permissions
package main
import (
"fmt"
"log"
"net/http"
"os"
"time"
"github.com/aws/aws-lambda-go/events"
"github.com/aws/aws-lambda-go/lambda"
gremlingo "github.com/apache/tinkerpop/gremlin-go/v3/driver"
"github.com/aws/aws-sdk-go/aws/session"
v4 "github.com/aws/aws-sdk-go/aws/signer/v4"
)
func main() {
lambda.Start(lambdaHandler)
}
func lambdaHandler(ctx context.Context, request events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) {
driverConn, g = connect()
result, err = g.AddV("User").Property("userId", "Check").Next()
if err != nil {
fmt.Println(err)
}
}
func connect() {
awsSess, err := session.NewSesionWithOptions(session.Options{
SharedCondfigState: session.SharedConfigEnable,
}),
if err != nil {
log.Fatalf("Failed to creating session: %s", err)
}
db_endpoint := os.Genenv("DB_ENDPOINT")
connString := "wss://" +db_endpoint+":8182/gremlin"
// Signing Request
req, _ := http.NewRequest(http.MethodGet, connString, nil)
signer := v4.NewSigner(awsSess.Config.Credentials)
headerToUse, err := signer.Sign(req, nil, "neptune", *awsSess.Config.Region, time.Now())
driverRemoteConnection, err := gremlingo.NewDriverRemoteConnection(connString,
func(settings *gremlingo.driverRemoteConnectionSettings) {
settings.TraversalSource = "g"
settings.AuthInfo.Header = headerToUse
})
return driverRemoteConnection, traversalSource(driverRemoteConnection)
}
func traversalSource(driverConn *gremlingo.DriverRemoteConnection) *gremlingo.GraphTraversalSource {
return gremlingo.Traversal_().WithRemote(driverConn)
}
Error log: Unable to instantiate new connection; setting connection status to closed. Error creating new connection for connection pool: websocket: handshake error 'e0104: Unable to establish successful connection: websocket: handshake error'
NOTE: I can execute queries if iam authentication is disabled. please help.
An attempt to sign the request failed but authentication failed.
Workaround
There are some issues in the code that need to be fixed to make it work with neptune iam if all necessary permissions are granted.
-
The service name in the iam signer for
- neptune should be
neptune-db, notneptune. - Type
*gremlingo.driverremoteconnectionsettingsshould be*gremlingo.driverremoteconnectionsettings. -
settings.authinfo.headerThe header used is not actually the header returned by the signer, but the header of the original request, so it should besettings.authinfo.header = req. header.
Putting it all together, the block of code under //signing request will look like this:
// Signing Request
req, _ := http.NewRequest(http.MethodGet, connString, nil)
signer := v4.NewSigner(awsSess.Config.Credentials)
_, err := signer.Sign(req, nil, "neptune-db", *awsSess.Config.Region, time.Now())
driverRemoteConnection, err := gremlingo.NewDriverRemoteConnection(connString,
func(settings *gremlingo.DriverRemoteConnectionSettings) {
settings.TraversalSource = "g"
settings.AuthInfo.Header = req.Header
})
One thing to note is that gremlin-go currently has no way to allow automatic refresh of authentication tokens, which means that a new connection must be established after expiration.
Hope this helps.
The above is the detailed content of Neptune throws bad handshake error when connecting to IAM enabled Neptune instance. For more information, please follow other related articles on the PHP Chinese website!
C and Golang: When Performance is CrucialApr 13, 2025 am 12:11 AMC is more suitable for scenarios where direct control of hardware resources and high performance optimization is required, while Golang is more suitable for scenarios where rapid development and high concurrency processing are required. 1.C's advantage lies in its close to hardware characteristics and high optimization capabilities, which are suitable for high-performance needs such as game development. 2.Golang's advantage lies in its concise syntax and natural concurrency support, which is suitable for high concurrency service development.
Golang in Action: Real-World Examples and ApplicationsApr 12, 2025 am 12:11 AMGolang excels in practical applications and is known for its simplicity, efficiency and concurrency. 1) Concurrent programming is implemented through Goroutines and Channels, 2) Flexible code is written using interfaces and polymorphisms, 3) Simplify network programming with net/http packages, 4) Build efficient concurrent crawlers, 5) Debugging and optimizing through tools and best practices.
Golang: The Go Programming Language ExplainedApr 10, 2025 am 11:18 AMThe core features of Go include garbage collection, static linking and concurrency support. 1. The concurrency model of Go language realizes efficient concurrent programming through goroutine and channel. 2. Interfaces and polymorphisms are implemented through interface methods, so that different types can be processed in a unified manner. 3. The basic usage demonstrates the efficiency of function definition and call. 4. In advanced usage, slices provide powerful functions of dynamic resizing. 5. Common errors such as race conditions can be detected and resolved through getest-race. 6. Performance optimization Reuse objects through sync.Pool to reduce garbage collection pressure.
Golang's Purpose: Building Efficient and Scalable SystemsApr 09, 2025 pm 05:17 PMGo language performs well in building efficient and scalable systems. Its advantages include: 1. High performance: compiled into machine code, fast running speed; 2. Concurrent programming: simplify multitasking through goroutines and channels; 3. Simplicity: concise syntax, reducing learning and maintenance costs; 4. Cross-platform: supports cross-platform compilation, easy deployment.
Why do the results of ORDER BY statements in SQL sorting sometimes seem random?Apr 02, 2025 pm 05:24 PMConfused about the sorting of SQL query results. In the process of learning SQL, you often encounter some confusing problems. Recently, the author is reading "MICK-SQL Basics"...
Is technology stack convergence just a process of technology stack selection?Apr 02, 2025 pm 05:21 PMThe relationship between technology stack convergence and technology selection In software development, the selection and management of technology stacks are a very critical issue. Recently, some readers have proposed...
Will improper use of Golang mutex cause 'fatal error: sync: unlock of unlocked mutex' error? How to avoid this problem?Apr 02, 2025 pm 05:18 PMGolang ...
How to use reflection comparison and handle the differences between three structures in Go?Apr 02, 2025 pm 05:15 PMHow to compare and handle three structures in Go language. In Go programming, it is sometimes necessary to compare the differences between two structures and apply these differences to the...
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
WebStorm Mac version
Useful JavaScript development tools
