lua-resty-aws-signature
AWS signature V4 headers generator
$ opm get jobteaser/lua-resty-aws-signature
lua-resty-aws-signature
This library is based on the work of Alan Grosskurth at https://github.com/grosskur/lua-resty-aws. It is basically forked from his repository and we change the HMAC library used.
Overview
This library implements request signing using the [AWS Signature Version 4][aws4] specification. This signature scheme is used by nearly all AWS services.
AWS documentation
[aws4]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Usage
This library uses standard AWS environment variables as credentials to generate [AWS Signature Version 4][aws4].
export AWS_ACCESS_KEY_ID=AKIDEXAMPLE
export AWS_SECRET_ACCESS_KEY=AKIDEXAMPLE
To be accessible in your nginx configuration, these variables should be declared in nginx.conf
file.
#user nobody;
worker_processes 1;
error_log /dev/fd/1 debug;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
env AWS_ACCESS_KEY_ID;
env AWS_SECRET_ACCESS_KEY;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
You can then use the library to add AWS Signature headers and proxy_pass
to a given S3 bucket.
set $bucket 'example';
set $s3_host $bucket.s3-eu-west-1.amazonaws.com;
location / {
access_by_lua_block {
require("resty.aws-signature").s3_set_headers(ngx.var.s3_host, ngx.var.uri)
}
proxy_pass https://$s3_host;
}
Note: you have to set either s3-<region>
or s3
as subdomain of amazonaws.com
depending on your need. s3
will use us-east-1
region.
Contributing
Check CONTRIBUTING.md for more information.
License
Copyright 2018 JobTeaser
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Authors
Ludovic Vielle (lukkor)
License
apache2
Dependencies
Versions
-
AWS signature V4 headers generator 2018-09-20 13:12:26
-
AWS signature V4 headers generator 2018-09-20 12:40:45
-
AWS signature V4 headers generator 2018-09-20 12:19:09