Is there a .NET library that can sign a request with AWS V4 Signature?
Solution 1
you can read on how the signature is done and you can (if you want). I would recommend pulling in the AWS SDK for .NET and using the functionality from the SDK to actually perform the signature.
Here is the signer form the SDK:
You may need to adapt it (ie it knows about AWS services and endpoints by default)
Solution 2
While this is an old question, since AWS has not "prioritized accordingly" with regards to the .NET AWS SDK as stated in their comment above and this is still a relevant problem today, I found a good library that will take care of the AWS V4 request signing for you.
Here is the GitHub source and implementation documentation.
In addition, I've found that for my API Gateway AWS_IAM Authorization to work with temporary security credentials, you also need to include the "x-amz-security-token" header with the current session token as it's value as well in your request.
Solution 3
An alternative to Aws4RequestSigner is AwsSignatureVersion4. I think its API is easier to work with, but I am biased since I am the author of the latter.
Comments
-
Richard R almost 2 years
I have an API Gateway where I'm setting the authentication to use AWS_IAM. This requires that I sign each request with the AWS V4 signature and attach the HMAC in the header. I've found libraries to sign a request with the V4 signature in nodejs. But I cannot find a library to sign for me. Even the aws-sdk for .NET has this abstracted for their own specific use case. Is there a library out there (i've done a quick google search and found no results)? Or do I need to write out the hmac myself?
-
gravity almost 8 yearsIs the standard library not applicable for this?
-
Richard R almost 8 yearsThe implementation will definitely use the standard .net library to perform the actual HMAC, but the recipe for how to generate the key and what to hmac is involved. github.com/mhart/aws4/blob/master/aws4.js is the nodejs implementation that signs a request for aws v4 signature.
-
-
Richard R almost 8 yearsTheir library will speed along the process, but I still have to shoe horn the standard HttpRequestMessage into their IRequest format or at least write a wrapper to return similiar parameters.
-
RyanG almost 8 yearsWe (API Gateway) are aware of the need for official .NET SDK support and have prioritized accordingly. In the meantime, I would suggest as @Mircea suggested and to either 1) Implement your own signer as per docs.aws.amazon.com/general/latest/gr/sigv4_signing.html or 2) Re-use pieces of the existing .NET AWS SDK
-
Ronen Festinger over 4 yearsHi, I'm the co author of this library and can accept requests or feedback.
-
Primico over 3 yearsHi, I am using AWS elasticsearch and would like to sign the requests. I am using the asp .net elasticsearch NEST sdk and was wondering if your AwsSignatureVersion4 would work with that? var client = new ElasticClient(settings);
-
FantasticFiasco over 3 yearsI actually have no idea, but it would be fun to try out! Would you be able to create a GitHub repository with sample code, and we could see if we can work together on it?
-
Elliveny almost 3 yearsI have an IAM secured API Gateway stage and want to make requests to it from a lambda function, using that lambda function's IAM role and I'm wondering if I can do that using either of these libraries? Any guidance would be appreciated as I'm not seeing how to do that presently. Thanks.
-
FantasticFiasco almost 3 yearsAren't AWS IAM roles set as environment variables on the Lambda function? In that case you should be able to use those in requests using AwsSignatureVersion4.