I am working on an app for Jira Cloud platform using forge framework. I created an HTTP endpoint using AWS API Gateway. This endpoint triggers a lambda function that does some operation on DynamoDB. I employed IAM authorization for the endpoint. After failing trials to use aws4 library with forge, I used the following function that is taken from AWS documentation to create signing key. However, while sending the request using javascript, I always get "{message: Forbidden}".:
export function getAWSHeaders(){
const accessKey = ""
const secretKey = ""
const regionName = "us-east-1"
const serviceName = "execute-api"
var date = new Date().toISOString().split('.')[0] + 'Z';
date = date.split("-").join("").split(":").join("")
var dateWithoutTime = date.split("T")[0]
var myHeaders = {}
myHeaders["X-Amz-Date"] = date;
var crypto = require("crypto-js");
var kDate = crypto.HmacSHA256(dateWithoutTime, "AWS4" + secretKey);
var kRegion = crypto.HmacSHA256(regionName, kDate);
var kService = crypto.HmacSHA256(serviceName, kRegion);
var kSigning = crypto.HmacSHA256("aws4_request", kService);
myHeaders["Authorization"] = "AWS4-HMAC-SHA256 Credential=" + accessKey + "/" + dateWithoutTime + "/us-east-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date, Signature=" + kSigning
return myHeaders;
}
This is how I send the request:
resolver.define("test", async ({context}) => {
var url = ""
var myHeaders = getAWSHeaders()
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
const result = await fetch(url, requestOptions)
I cannot figure out what is wrong with my signing key generation. I checked several posts but could not find a sample request. Thanks for the help in advance.
PS: I tested it using Postman, it works with the "AWS Signature" authorization in Postman.
Here is the file I'm using to generate SigV4 requests with node. The method 'getSignedHeaders()' is likely what you're looking for.