Standalone Signer - Can't solve 403 response issue (creds ARE good, verified via postman)

[dcopenhaver]

Hello,

I can't seem to get this working. The resulting signature must not be valid how I'm currently doing this. I've read through this:
https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/signer/v4

and exact same info in a few other places regarding "Standalone Signer" topic. Below is example code, most error handling removed to keep as short as possible. I've tried with and without the trailing '/' in the url. I know the credentials are good as I can successfully send the request and get the expected response using postman.

Could anyone provide a working example of a "Standalone Signer" scenario? Any input would be appreciated. Thanks.

ctx := context.Background()

cfg, err := config.LoadDefaultConfig(
	ctx,
	config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, "")),
	config.WithHTTPClient(httpClient),
	config.WithRegion("us-east-1"),
)

creds, err := cfg.Credentials.Retrieve(ctx)

apiUrl := "https://foobar.execute-api.us-east-1.amazonaws.com/"
u, _ := url.Parse(apiUrl)

req, err := http.NewRequest("GET", u.String(), nil)

// hash the request body - used in the aws signature, if no request body still need to hash empty string
reqBodyHashBytes := sha256.Sum256([]byte(""))
reqBodyHashHex := fmt.Sprintf("%x", reqBodyHashBytes)

// sign request
signer := v4.NewSigner()
if err = signer.SignHTTP(ctx, creds, req, reqBodyHashHex, "execute-api", cfg.Region, time.Now()); err != nil {
	fmt.Printf("Error signing request.\n")
	return
}

// send request
resp, err := httpClient.Do(req)

[dcopenhaver]

didn't verify because I wound up going a completely different direction but the answer to this is most certainly the same as this:
#2069

[github-actions[bot]]

Hello! Reopening this discussion to make it searchable.