Skip to content

zirkelc/aws-sigv4

BranchesTags

Repository files navigation

CI npm npm

AWS SigV4 libraries

This repository contains two libraries to sign HTTP requests with AWS Signature Version 4 (SigV4):

  • aws-sigv4-fetch creates a fetch function to automatically sign HTTP requests.
  • aws-sigv4-sign creates a Request object with signed headers that can be used with any other HTTP library.

What is Signature Version 4?

Signature Version 4 (SigV4) is the process to add authentication information to AWS API requests sent by HTTP. For security, most requests to AWS must be signed with an access key. The access key consists of an access key ID and secret access key, which are commonly referred to as your security credentials

AWS documentation on Signature Version 4 signing process

Which library should I use?

Are you using the fetch API?

Install the aws-sigv4-fetch package and use the createSignedFetcher function to create a signed fetch function:

import { createSignedFetcher } from 'aws-sigv4-fetch';

const signedFetch = createSignedFetcher({ service: 'lambda', region: 'eu-west-1' });

const response = await signedFetch('https://mylambda.lambda-url.eu-west-1.on.aws/');

Are you using Axios, Ky, Got, node:http or any other HTTP library?

Install the aws-sigv4-sign package and use the signRequest function to create a signed Request object:

import { signRequest } from 'aws-sigv4-sign';

const url = 'https://mylambda.lambda-url.eu-west-1.on.aws/';

const signedRequest = await signRequest(url, {
  service: 'lambda',
  region: 'eu-west-1'
});

// Convert headers to a plain object
const headers = Object.fromEntries(signedRequest.headers.entries());

// Axios
import axios from "axios";
const response = await axios(url, { headers });

// Ky
import ky from "ky";
const response = await ky.get(url, { headers });

// Got
import got from "got";
const response = await got(url, { headers });

Are you using graphql-request?

Install the aws-sigv4-fetch package and use the createSignedFetcher function to create a signed fetch function and pass it to the fetch option of the GraphQLClient:

import { createSignedFetcher } from 'aws-sigv4-fetch';
import { GraphQLClient } from 'graphql-request';

const query = `
  mutation CreateItem($input: CreateItemInput!) {
    createItem(input: $input) {
      id
      createdAt
      updatedAt
      name
    }
  }
`;

const variables = {
  input: {
    name,
  },
};

const client = new GraphQLClient('https://mygraphqlapi.appsync-api.eu-west-1.amazonaws.com/graphql', {
  fetch: createSignedFetcher({ service: 'appsync', region: 'eu-west-1' }),
});

const result = await client.request(query, variables);

Usage

Go to the docs of aws-sigv4-fetch or aws-sigv4-sign for more information.

Resources

License

MIT

About

AWS SignatureV4 fetch function built on the official AWS SDK for JS

www.npmjs.com/package/aws-sigv4-fetch

Resources

Readme

License

MIT license
Activity

Stars

32 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases 8

[email protected] Latest
Jan 13, 2025
+ 7 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Contributors 3

  •  
  •  
  •  

Languages