lua-resty-aws-signature
AWS signature V4 headers generator
$ opm get rtokarev/lua-resty-aws-signaturelua-resty-aws-signature
This library is based on the work of Alan Grosskurth at https://github.com/grosskur/lua-resty-aws. It is basically forked from his repository and we change the HMAC library used.
Overview
This library implements request signing using the [AWS Signature Version 4][aws4] specification. This signature scheme is used by nearly all AWS services.
AWS documentation
[aws4]: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Usage
This library uses standard AWS environment variables as credentials to generate [AWS Signature Version 4][aws4].
    export AWS_ACCESS_KEY_ID=AKIDEXAMPLE
    export AWS_SECRET_ACCESS_KEY=AKIDEXAMPLETo be accessible in your nginx configuration, these variables should be declared in nginx.conf file.
    #user  nobody;
    worker_processes  1;
    
    error_log  /dev/fd/1 debug;
    #error_log  logs/error.log  notice;
    #error_log  logs/error.log  info;
    
    #pid        logs/nginx.pid;
    
    env AWS_ACCESS_KEY_ID;
    env AWS_SECRET_ACCESS_KEY;
    
    events {
        worker_connections  1024;
    }
    
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
    
        #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
        #                  '$status $body_bytes_sent "$http_referer" '
        #                  '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /dev/stdout;
    
        sendfile        on;
        #tcp_nopush     on;
    
        #keepalive_timeout  0;
        keepalive_timeout  65;
    
        #gzip  on;
    
        include /etc/nginx/conf.d/*.conf;
    }You can then use the library to add AWS Signature headers and proxy_pass to a given S3 bucket.
    set $bucket 'example';
    set $s3_host $bucket.s3-eu-west-1.amazonaws.com;
    
    location / {
      access_by_lua_block {
        require("resty.aws-signature").s3_set_headers(ngx.var.s3_host, ngx.var.uri)
      }
    
      proxy_pass https://$s3_host;
    }Note: you have to set either s3-<region> or s3 as subdomain of amazonaws.com depending on your need. s3 will use us-east-1 region.
Contributing
Check CONTRIBUTING.md for more information.
License
Copyright 2018 JobTeaser
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Authors
Ludovic Vielle (lukkor),Roman Tokarev (rtokarev)
License
apache2
Dependencies
Versions
- 
    
    
    AWS signature V4 headers generator 2023-02-15 14:27:03
