Hi All,
I'm currently trying to implement an integration in an Edge function to call a Lambda Function through an FunctionUrl which has IAM as auth-type.
I originally followed this blog post available in aws blogs: https://aws.amazon.com/blogs/compute/protecting-an-aws-lambda-function-url-with-amazon-cloudfront-and-lambdaedge/
Using Javascript it worked as expected, however I couldn't find any official references for typescript with sdk-v3 equivalent.
I tried @aws-sdk/signature-v4 assuming both of my function and edge function as deployed in us-east-1, however for testing purpose I also tried the @aws-sdk/signature-v4-multi-region with cross-region deployment.
To sign the request I tried:
const req = new HttpRequest({ method: request.method, protocol: 'https', hostname:${host}, path: path, }); const credentialProvider = fromNodeProviderChain(); const credentials = await credentialProvider(); const v4 = new SignatureV4MultiRegion({ service: ${AWS_SERVICE}, region, credentials, sha256: Sha256, }); const signedRequest = await v4.sign(req);
By calling the edge function through the Cloudfront mapped path it I receive the following error:
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details."}
I'm currently not able to figure out ways of debugging it properly and discover which field doesn't match, so I'm not sure if I'm just missing any obvious config on service level or instance in the code.
Any support diving into the steps to properly debug it are much appreciated.
Thank you in advance.
AWS OFFICIALAktualisiert vor einem Jahr