Reference documentation and code samples for the googleauth class Google::Auth::ExternalAccount::AwsRequestSigner.
Implements an AWS request signer based on the AWS Signature Version 4 signing process. https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Inherits
- Object
Methods
#generate_signed_request
def generate_signed_request(aws_credentials, original_request) -> Hash
Generates an AWS signature version 4 signed request.
Creates a signed request following the AWS Signature Version 4 process, which provides secure authentication for AWS API calls. The process includes creating canonical request strings, calculating signatures using the AWS credentials, and building proper authorization headers.
For detailed information on the signing process, see: https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
- aws_credentials (Hash) — The AWS security credentials with the following keys: @option aws_credentials [String] :access_key_id The AWS access key ID @option aws_credentials [String] :secret_access_key The AWS secret access key @option aws_credentials [String, nil] :session_token Optional AWS session token
- original_request (Hash) — The request to sign with the following keys: @option original_request [String] :url The AWS service URL (must be HTTPS) @option original_request [String] :method The HTTP method (GET, POST, etc.) @option original_request [Hash, nil] :headers Optional request headers @option original_request [String, nil] :data Optional request payload
-
(Hash) —
The signed request with the following keys:
- :url - The original URL as a string
- :headers - A hash of headers with the authorization header added
- :method - The HTTP method
- :data - The request payload (if present)
- (Google::Auth::CredentialsError) — If the AWS service URL is invalid
#initialize
def initialize(region_name) -> AwsRequestSigner
Instantiates an AWS request signer used to compute authenticated signed requests to AWS APIs based on the AWS Signature Version 4 signing process.
- region_name (string) — The AWS region to use.
- (AwsRequestSigner) — a new instance of AwsRequestSigner