Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Lambda@Edge SigV4Asymmetric signing issue in Typescript for S3 Multi Region Access point MRAP

0

Hi,

I had asked this question through support with case id 12004513771 however they were not able to assist with a custom code issue.

I was trying replicate in Typescript the S3 MRAP signing based on the article https://aws.amazon.com/blogs/storage/building-an-active-active-latency-based-application-across-multiple-regions/

The specific issue I am having with is the AWS SDK for node ‘aws-crt’ 1.15.9 and nodejs16.x:

import { auth } from 'aws-crt';

import { HttpHeaders, HttpRequest } from "aws-crt/dist/native/http";

.....

const httpRequest = new HttpRequest(method, endpoint, headers);

const signedHttpRequest: HttpRequest = await auth.aws_sign_request(httpRequest, config);

However the issue I have is that both calls above return an empty object {}

Typescript code:

Signing function:

async function sigV4ASignBasic(method: string, endpoint: string, headers: HttpHeaders, service: string): Promise<HttpHeaders> { const httpRequest = new HttpRequest(method, endpoint, headers); console.log('httpRequest: ' + JSON.stringify(httpRequest))

const config: AwsSigningConfig = {
    service: service,
    region: "*",
    algorithm: auth.AwsSigningAlgorithm.SigV4Asymmetric,
    signature_type: auth.AwsSignatureType.HttpRequestViaHeaders,
    signed_body_header: auth.AwsSignedBodyHeaderType.XAmzContentSha256,
    provider: auth.AwsCredentialsProvider.newDefault()
};
console.log('config: ' + JSON.stringify(config))

const signedHttpRequest: HttpRequest = await auth.aws_sign_request(httpRequest, config);
console.log('signedHttpRequest: ' + JSON.stringify(signedHttpRequest))
return signedHttpRequest.headers;

}

Called from:

    console.log('method: %s, endpoint: %s, cfReadOnlyHeaders with X-Amz-Cf-Id: %s, service: %s', method, endpoint, JSON.stringify(cfReadOnlyHeaders), service)
    //  # Sign the request with Signature Version 4A (SigV4A).
    const authHeaders: HttpHeaders = await sigV4ASignBasic(method, endpoint, cfReadOnlyHeaders, service)

Above log:

2023-02-14T10:58:06.610Z 4b78c29a-a348-4415-bf7b-533bb4cc0734 INFO method: GET, endpoint: https://xxxxxxxxxxxx.mrap.accesspoint.s3-global.amazonaws.com/favicon.ico, cfReadOnlyHeaders with X-Amz-Cf-Id: { "X-Amz-Cf-Id": "LTMHFCMnnmxohWwJpJHoUNfWR0_gZtk_9InF14ToRrKjpWtjwDiPlA==" } , service: s3

King Regards

Tópicos
Armazenamento
Tags
Serviço de armazenamento simples da Amazon
Idioma
English
rePost-User-4594628
feita há um ano259 visualizações
1 Resposta
0
Resposta aceita

Hello,

Greetings of the day!! Thank you for contacting AWS.

I have gone through the support case which was mentioned.

I see that an empty object is returned when 'new HttpRequest(method, endpoint, headers)' or 'await auth.aws_sign_request(httpRequest, config);' is called.

Kindly note that since the issue lies where the code for the sigV4a signing comes from, I request that you reach out to github for more information on how to circumvent this issue.

Rohit
respondido há um ano

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante