how.wtf

AWS SigV4 requests with curl

· Thomas Taylor

Curl handles AWS Signature Version 4 API requests natively.

How to create AWS Signature Version 4 requests using curl

If an API Gateway is configured to use AWS IAM authorization, curl provides a seamless integration for HTTP requests.

1curl "$url" \
2	--user "$AWS_ACCESS_KEY_ID":"$AWS_SECRET_ACCESS_KEY" \
3	--aws-sigv4 "aws:amz:us-east-1:execute-api"

In the example, the $url links to a custom domain that points to an API Gateway.

The --user argument is given the $AWS_ACCESS_KEY_ID and $AWS_SECRET_ACCESS_KEY that links to the AWS IAM user.

The AWS service for invoking an API Gateway is execute-api. For curl, the full provider string is required:

1--aws-sigv4 "aws:amz:region:service"

How to use session token with AWS SigV4 curl

In addition to using IAM user credentials, you can optionally specify a session token using the header of x-amz-security-token. This is useful for temporary access through role assumptions.

1curl "$url" \
2	--user "$AWS_ACCESS_KEY_ID":"$AWS_SECRET_ACCESS_KEY" \
3	-H "x-amz-security-token: $AWS_SESSION_TOKEN" \
4	--aws-sigv4 "aws:amz:us-east-1:execute-api"

#Linux  

Reply to this post by email ↪