magnetikonline/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Using curl to AWS V4 sign request to AWS_IAM API Gateway endpoint

Small Bash script, calling curl with the --aws-sigv4 option to AWS V4 sign a given request for use with an IAM authorized API Gateway endpoint.
Usage

./aws-api-gateway-iam.sh \
  --request GET \
    "https://api-gateway.mydomain.com/this/route/aws-iam-authz"
Related


https://curl.se/docs/manpage.html#--aws-sigv4
https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-access-control-iam.html


## aws-api-gateway-iam.sh
#!/bin/bash -e

function exitError {
	echo "Error: $1" >&2
	exit 1
}

function main {
	if [[ -z $AWS_REGION ]]; then
		exitError "missing \$AWS_REGION"
	fi

	if [[ -z $AWS_ACCESS_KEY_ID ]]; then
		exitError "missing \$AWS_ACCESS_KEY_ID"
	fi

	if [[ -z $AWS_SECRET_ACCESS_KEY ]]; then
		exitError "missing \$AWS_SECRET_ACCESS_KEY"
	fi

	local awsSessionTokenHeader=
	if [[ -n $AWS_SESSION_TOKEN ]]; then
		awsSessionTokenHeader="--header x-amz-security-token:$AWS_SESSION_TOKEN"
	fi

	curl \
		--aws-sigv4 "aws:amz:$AWS_REGION:execute-api" \
		--user "$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY" \
		$awsSessionTokenHeader \
			"$@"
}


main "$@"
	#!/bin/bash -e

	function exitError {
	echo "Error: $1" >&2
	exit 1
	}

	function main {
	if [[ -z $AWS_REGION ]]; then
	exitError "missing \$AWS_REGION"
	fi

	if [[ -z $AWS_ACCESS_KEY_ID ]]; then
	exitError "missing \$AWS_ACCESS_KEY_ID"
	fi

	if [[ -z $AWS_SECRET_ACCESS_KEY ]]; then
	exitError "missing \$AWS_SECRET_ACCESS_KEY"
	fi

	local awsSessionTokenHeader=
	if [[ -n $AWS_SESSION_TOKEN ]]; then
	awsSessionTokenHeader="--header x-amz-security-token:$AWS_SESSION_TOKEN"
	fi

	curl \
	--aws-sigv4 "aws:amz:$AWS_REGION:execute-api" \
	--user "$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY" \
	$awsSessionTokenHeader \
	"$@"
	}


	main "$@"