AWS Signature Version 4 for use in query or header authorization
signature_v4_auth(
datetime = format(Sys.time(), "%Y%m%dT%H%M%SZ", tz = "UTC"),
region = NULL,
service,
verb,
action,
query_args = list(),
canonical_headers,
request_body,
signed_body = FALSE,
key = NULL,
secret = NULL,
session_token = NULL,
query = FALSE,
algorithm = "AWS4-HMAC-SHA256",
force_credentials = FALSE,
verbose = getOption("verbose", FALSE)
)A character string containing a datetime in the form of “YYYYMMDDTHHMMSSZ”. If missing, it is generated automatically using Sys.time.
A character string containing the AWS region for the request. If missing, “us-east-1” is assumed.
A character string containing the AWS service (e.g., “iam”, “host”, “ec2”).
A character string containing the HTTP verb being used in the request.
A character string containing the API endpoint used in the request.
A named list of character strings containing the query string values (if any) used in the API request, passed to canonical_request.
A named list of character strings containing the headers used in the request.
The body of the HTTP request.
Should the body be signed
An AWS Access Key ID. If NULL, it is retrieved using locate_credentials.
An AWS Secret Access Key. If NULL, it is retrieved using locate_credentials.
Optionally, an AWS Security Token Service (STS) temporary Session Token. This is added automatically as a header to canonical_headers. See locate_credentials.
A logical. Currently ignored.
A character string containing the hashing algorithm used in the request. Should only be “SHA256”.
A logical indicating whether to force use of user-supplied credentials. If FALSE (the default), locate_credentials is used to find credentials. If TRUE, user-supplied values are used regardless of their validity.
A logical indicating whether to be verbose.
A list of class “aws_signature_v4”, containing the information needed to sign an AWS API request using either query string authentication or request header authentication. Specifically, the list contains:
A character string containing the hashing algorithm used during the signing process (default is SHA256).
A character string containing an identifying credential “scoped” to the region, date, and service of the request.
A character string containing a YYYYMMDD-formatted date.
A character string containing a semicolon-separated listing of request headers used in the signature.
The value passed to request_body.
A character string containing a SHA256 hash of the request body.
The value passed to verb.
The value passed to query_args.
The value passed to service.
The value passed to action.
A character string containing the canonical request.
A character string containing the string to sign for the request.
A character string containing a request signature hash.
A character string containing a complete Authorization header value.
A character string containing the access key id identified by locate_credentials.
A character string containing the secret access key identified by locate_credentials.
A character string containing the session token identified by locate_credentials.
A character string containing the region identified by locate_credentials.
These values can either be used as query parameters in a REST-style API request, or as request headers. If authentication is supplied via query string parameters, the query string should include the following:
Action=action &X-Amz-Algorithm=Algorithm &X-Amz-Credential=URLencode(Credentials) &X-Amz-Date=Date &X-Amz-Expires=timeout &X-Amz-SignedHeaders=SignedHeaders
where action is the API endpoint being called and timeout is a numeric value indicating when the request should expire.
If signing a request using header-based authentication, the Authorization header in the request should be included with the request that looks as follows:
Authorization: Algorithm Credential=Credential, SignedHeaders=SignedHeaders, Signature=Signature
This is the value printed by default for all objects of class aws_signature_v4.
This function generates an AWS Signature Version 4 for authorizing API requests.
AWS General Reference: Signature Version 4 Signing Process
Amazon S3 API Reference: Authenticating Requests (AWS Signature Version 4)