Skip to content

Instantly share code, notes, and snippets.

@magnetikonline
Created April 16, 2024 03:04
Show Gist options
  • Save magnetikonline/ec7f496a6d8849b9542530d6061bcb09 to your computer and use it in GitHub Desktop.
Save magnetikonline/ec7f496a6d8849b9542530d6061bcb09 to your computer and use it in GitHub Desktop.
Using curl to make an AWS V4 signed request to an AWS_IAM API Gateway endpoint.

Using curl to AWS V4 sign request to AWS_IAM API Gateway endpoint

Small Bash script, calling curl with the --aws-sigv4 option to AWS V4 sign a given request for use with an IAM authorized API Gateway endpoint.

Usage

./aws-api-gateway-iam.sh \
  --request GET \
    "https://api-gateway.mydomain.com/this/route/aws-iam-authz"

Related

#!/bin/bash -e
function exitError {
echo "Error: $1" >&2
exit 1
}
function main {
if [[ -z $AWS_REGION ]]; then
exitError "missing \$AWS_REGION"
fi
if [[ -z $AWS_ACCESS_KEY_ID ]]; then
exitError "missing \$AWS_ACCESS_KEY_ID"
fi
if [[ -z $AWS_SECRET_ACCESS_KEY ]]; then
exitError "missing \$AWS_SECRET_ACCESS_KEY"
fi
local awsSessionTokenHeader=
if [[ -n $AWS_SESSION_TOKEN ]]; then
awsSessionTokenHeader="--header x-amz-security-token:$AWS_SESSION_TOKEN"
fi
curl \
--aws-sigv4 "aws:amz:$AWS_REGION:execute-api" \
--user "$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY" \
$awsSessionTokenHeader \
"$@"
}
main "$@"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment