Menu
I have an API Gateway where I'm setting the authentication to use AWS_IAM. This requires that I sign each request with the AWS V4 signature and attach the HMAC in the header. I've found libraries to sign a request with the V4 signature in nodejs. But I cannot find a library to sign for me. Even the aws-sdk for .NET has this abstracted for their own specific use case. Is there a library out there (i've done a quick google search and found no results)? Or do I need to write out the hmac myself?
842
You sign requests with your AWS access key, which consists of an access key ID and secret access key. Some requests don't need to be signed, including anonymous requests to Amazon Simple Storage Service (Amazon S3) and some API operations in AWS Security Token Service (AWS STS) such as AssumeRoleWithWebIdentity .
In general, these are the steps required to sign a request: Form the HTTPS request (SSL protocol TLS 1.2 is required). Create the signing string, which is based on parts of the request. Create the signature from the signing string, using your private key and the RSA-SHA256 algorithm.
An alternative to Aws4RequestSigner is AwsSignatureVersion4. I think its API is easier to work with, but I am biased since I am the author of the latter.
69
While this is an old question, since AWS has not "prioritized accordingly" with regards to the .NET AWS SDK as stated in their comment above and this is still a relevant problem today, I found a good library that will take care of the AWS V4 request signing for you.
Here is the Nuget package.
Here is the GitHub source and implementation documentation.
In addition, I've found that for my API Gateway AWS_IAM Authorization to work with temporary security credentials, you also need to include the "x-amz-security-token" header with the current session token as it's value as well in your request.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
