The Celigo platform can connect to services that use AWS Signature Version 4 authentication. You can create a signature for Amazon Web Services (AWS) using the custom {{aws4}} handlebar helper. This AWS Signature Version 4 allows you to authenticate HTTP requests.
The custom aws4 handlebar helper
You can use the following custom aws4 handlebar helper to create an AWS signature:
{{{aws4 accessKey secretKey sessionToken region serviceName}}}
- For the accessKey, secretKey, and session Token, see AWS security credentials documentation. Or, you can check with your account admin.
- For the region, see AWS Service Endpoints documentation.
- For serviceName, see the AWS Resource Name documentation.
Ways to use the aws4 handlebar helper
After you set up a custom HTTP connection, use the aws4 handlebar helper to calculate an AWS signature in one of the following ways:
Authorization by configuring the HTTP header
Authorize the connection by configuring the HTTP header fields. In Configure HTTP headers, you must provide Authorization with the aws4 handlebar helper. For this authorization, you must also provide X-Amz-Date as shown.
Authorization {{{aws4 accessKey secretKey sessionToken region serviceName}}}
X-Amz-Date {{timestamp "YYYYMMDDTHHmmss" "Etc/GMT-0"}}Z
Authorization using the request URL
Authorize the connection using the request URL. In this case, you must append the X-Amz-Signature to the aws4 handlebar helper in the Request URL of an HTTP export or import:
X-Amz-Signature={{{aws4 accessKey secretKey sessionToken region serviceName}}}
Example: Create the AWS signature in a custom HTTP connection
- Select Connections from the Resources menu.
- Next, click + Create connection at the top right. In the resulting Create connection panel, select HTTP from the Application list, under the Universal connectors group.
- In Mode, Cloud is selected by default.
- In Base URI, enter the common part of the API’s URL, used across all HTTP endpoints you invoke, which integrator.io will use to make the custom authorization request. For example,
https://xyz.example.com/v1
. - In Configure HTTP headers, enter the required fields and values for authentication. For example,
Authorization
andX-AMZ-Date
.
Based on the Amazon service you want to connect to, you might have to configure additional headers, such as id_token
and X-Amz-Security-Token
. For your connection’s values, see AWS documentation.
- In Media type, select the data format to use in the HTTP request body and response body. For example, if your API uses the JSON media type to send HTTP responses, select JSON.
- In Auth type, select Custom.
- In Custom configuration, under Custom encrypted fields enter the field/value pairs that you would like to encrypt. For example,
- Click Save & close.
These details are saved and enable you to create a custom connection with the AWS Version 4 signature. Now, use this connection for authenticating HTTP export or import requests.
Comments
Please sign in to leave a comment.