
presigned url does not include needed query params

Open shlevy opened this issue 8 years ago • 2 comments

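{-# LANGUAGE OverloadedStrings #-}

import Control.Lens ((&), (.~), (?~))
import Data.Time.Clock (getCurrentTime)
import Network.AWS
import Network.AWS.Auth (credFile)
import Network.AWS.RDS
import System.IO (stdout)

-- Read-replica request whose KMS key is in a different region than the source DB.
sourceRequest :: CreateDBInstanceReadReplica
sourceRequest =
  createDBInstanceReadReplica "" "arn:aws:rds:us-west-2:fake:db:fakey"
    & cdirrKMSKeyId ?~ "arn:aws:kms:us-west-1:fake:key/faker"

main :: IO ()
main = do
  lgr <- newLogger Debug stdout
  env <- credFile >>= newEnv . FromFile "somatix-dev"
  now <- getCurrentTime
  presigned <- runResourceT $ runAWS (env & envLogger .~ lgr) $
    presignURL now 10 sourceRequest
  putStrLn $ show presigned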

Gives "https://rds.amazonaws.com/?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=CREDREDACTED%2F20170331%2Fus-east-1%2Frds%2Faws4_request&X-Amz-Date=20170331T153116Z&X-Amz-Expires=10&X-Amz-SignedHeaders=content-type%3Bhost&X-Amz-Signature=SIGREDACTED"

We need other query params there, e.g. KmsKeyId

shlevy, Mar 31 '17 15:03

@brendanhay Any thoughts on this?

shlevy, Jan 21 '18 01:01

OK, did some digging. I assume this is for the PreSignedUrl fields that cross-region RDS requests need (#378)? amazonka-rds uses the default V4 signer:

https://github.com/brendanhay/amazonka/blob/53bc5a196acebc6bb7c40da71223c8817fcb6f90/amazonka-rds/gen/Network/AWS/RDS/Types.hs#L1314

However, the default signer appears to have a hardcoded list of headers that it includes:

https://github.com/brendanhay/amazonka/blob/53bc5a196acebc6bb7c40da71223c8817fcb6f90/amazonka/src/Network/AWS/Sign/V4.hs#L38-L43

I suspect that we'll need to override the signer for amazonka-rds somewhere if the PreSignedUrl field is present on any of the five request types mentioned in #661 (which has a link to the botocore hackery that does similar things). Would be neat to have but definitely 2.0 material unless someone else makes a PR.

endgame, Oct 02 '21 09:10
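What the thread asks for, as an added example that is not part of the original issue or amazonka's code: a SigV4 query presigner that puts the action parameters (including `KmsKeyId`) into the canonical query string, so they both appear in the URL and are covered by the signature. It is written in Python, like the botocore code the last comment refers to; `presign_query`, `SAMPLE_PARAMS` and `sample_url` are hypothetical names, and the host, region, API version and credentials are assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timezone
from urllib.parse import quote

def _enc(s):
    # SigV4 URI encoding: percent-encode everything except unreserved characters.
    return quote(s, safe="-_.~")

def presign_query(host, region, service, params, access_key, secret_key, now, expires):
    """Presign a GET whose action parameters travel (and are signed) in the query string."""
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")  # 'now' must be UTC
    scope = f"{amz_date[:8]}/{region}/{service}/aws4_request"
    query = dict(params)  # Action, KmsKeyId, ... go in first
    query.update({
        "X-Amz-Algorithm": "AWS4-HMAC-SHA256",
        "X-Amz-Credential": f"{access_key}/{scope}",
        "X-Amz-Date": amz_date,
        "X-Amz-Expires": str(expires),
        "X-Amz-SignedHeaders": "host",
    })
    canonical_query = "&".join(
        f"{k}={v}" for k, v in sorted((_enc(k), _enc(v)) for k, v in query.items()))
    canonical_request = "\n".join([
        "GET", "/", canonical_query, f"host:{host}\n", "host",
        hashlib.sha256(b"").hexdigest()])  # empty body for a GET
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode()).hexdigest()])
    key = ("AWS4" + secret_key).encode()
    for part in (amz_date[:8], region, service, "aws4_request"):
        key = hmac.new(key, part.encode(), hashlib.sha256).digest()
    signature = hmac.new(key, string_to_sign.encode(), hashlib.sha256).hexdigest()
    return f"https://{host}/?{canonical_query}&X-Amz-Signature={signature}"

# Constructed sample input: placeholder ARNs from the issue, fake credentials.
SAMPLE_PARAMS = {
    "Action": "CreateDBInstanceReadReplica",
    "Version": "2014-10-31",  # assumed RDS API version
    "SourceDBInstanceIdentifier": "arn:aws:rds:us-west-2:fake:db:fakey",
    "KmsKeyId": "arn:aws:kms:us-west-1:fake:key/faker",
}

def sample_url():
    now = datetime(2017, 3, 31, 15, 31, 16, tzinfo=timezone.utc)
    return presign_query("rds.us-west-2.amazonaws.com", "us-west-2", "rds",
                         SAMPLE_PARAMS, "AKIDEXAMPLE", "not-a-real-secret", now, 10)

if __name__ == "__main__":
    print(sample_url())
```

Because the parameters are part of the canonical request, changing `KmsKeyId` after signing invalidates the signature.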