i'm using this python code, found it on official documentation: https://docs.aws.amazon.com/it_it/general/latest/gr/sigv4-signed-request-examples.html
I can do it on Postman. It works there! I'm going crazy, can you help me?
This is my code below:
import datetime
import hashlib
import hmac
import sys
import requests # pip install requests
# ************* REQUEST VALUES *************
method = 'GET'
service = 'sts'
host = 'amazonaws.com'
region = 'us-east-1'
endpoint = 'https://sts.amazonaws.com/'
#request_parameters = 'Action=DescribeRegions&Version=2013-10-15'
request_parameters = 'Action=AssumeRole&RoleSessionName=Test1&RoleArn=arn:aws:iam::001638200091:role/Amministratore&DurationSeconds=10000&Version=2011-06-15'
# Key derivation functions. See:
# http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python
def sign(key, msg):
return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
def getSignatureKey(key, dateStamp, regionName, serviceName):
kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp)
kRegion = sign(kDate, regionName)
kService = sign(kRegion, serviceName)
kSigning = sign(kService, 'aws4_request')
return kSigning
# Read AWS access key from env. variables or configuration file. Best practice is NOT
# to embed credentials in code.
access_key = 'xxxxxxxxxxxxxxx'
secret_key = 'xxxxxxxxxxxxxxx'
if access_key is None or secret_key is None:
print('No access key is available.')
sys.exit()
# Create a date for headers and the credential string
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
etc