Learn R Programming
aws.signature (version 0.2.2)

signature_v4_auth: Signature Version 4

Description

AWS Signature Version 4 for use in query or header authorization

Usage

signature_v4_auth(datetime = format(Sys.time(), "%Y%M%dT%H%M%SZ", tz = "UTC"),  region = Sys.getenv("AWS_DEFAULT_REGION", "us-east-1"),  service, verb, action, query_args = list(), canonical_headers, request_body,  key = Sys.getenv("AWS_ACCESS_KEY_ID", NULL),  secret = Sys.getenv("AWS_SECRET_ACCESS_KEY", NULL),  query = FALSE, algorithm = "AWS4-HMAC-SHA256")

Arguments

datetime
A character string containing a datetime in the form of “YYYYMMDDTHHMMSSZ”. If missing, it is generated automatically using Sys.time.
region
A character string containing the AWS region for the request.
service
A character string containing the AWS service (e.g., “iam”, “host”, “ec2”).
verb
A character string containing the HTTP verb being used in the request.
action
A character string containing the API endpoint used in the request.
query_args
A named list of character strings containing the query string values (if any) used in the API request, passed to canonical_request.
canonical_headers
A named list of character strings containing the headers used in the request.
request_body
The body of the HTTP request.
key
An AWS Access Key ID. If missing, it is retrieved using Sys.getenv("AWS_ACCESS_KEY_ID")
secret
An AWS Secret Access Key. If missing, it is retrieved using Sys.getenv("AWS_SECRET_ACCESS_KEY")
query
A logical. Currently ignored.
algorithm
A character string containing the hashing algorithm used in the request. Should only be “SHA256”.

Value

“aws_signature_v4”, containing the information needed to sign an AWS API request using either query string authentication or request header authentication. Specifically, the list contains:
Algorithm
A character string containing the hashing algorithm used during the signing process (default is SHA256).
Credential
A character string containing an identifying credential “scoped” to the region, date, and service of the request.
Date
A character string containing a YYYYMMDD-formatted date.
SignedHeaders
A character string containing a semicolon-separated listing of request headers used in the signature.
BodyHash
A character string containing a SHA256 hash of the request body.
StringToSign
A character string containing the string to sign for the request.
Signature
A character string containing a request signature hash.
SignatureHeader
A character string containing a complete Authorization header value.
These values can either be used as query parameters in a REST-style API request, or as request headers. If authentication is supplied via query string parameters, the query string should include the following:Action=action &X-Amz-Algorithm=Algorithm &X-Amz-Credential=URLencode(Credentials) &X-Amz-Date=Date &X-Amz-Expires=timeout &X-Amz-SignedHeaders=SignedHeaderswhere action is the API endpoint being called and timeout is a numeric value indicating when the request should expire.If signing a request using header-based authentication, the “Authorization” header in the request should be included with the request that looks as follows:Authorization: Algorithm Credential=Credential, SignedHeaders=SignedHeaders, Signature=SignatureThis is the value printed by default for all objects of class “aws_signature_v4”.

Details

This function generates an AWS Signature Version 4 for authorizing API requests.

References

AWS General Reference: Signature Version 4 Signing Process

Amazon S3 API Reference: Authenticating Requests (AWS Signature Version 4)

http://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html

See Also

signature_v4_auth