AWS - HTTPS

The AWS service authenticator exposes an HTTP proxy which will authenticate requests made to AWS without revealing access keys to the consumer.

Service Parameters

  • type
    Required
    This parameter indicates the type of service proxied by the authenticator. For AWS, the value of type should always be aws.

  • match
    Required
    An array of regex patterns which match a request URI, either partially or fully. Requests which are matched by a regex in this array will be authenticated by this authenticator.

Credentials

  • accessKeyID
    Required
    AWS access key ID

  • secretAccessKey
    Required
    AWS secret access key

  • accessToken
    Required
    AWS session token

Examples

Authenticate all requests

 

version: "2"
services:
  aws-proxy:
    protocol: http
    listenOn: tcp://0.0.0.0:8080
    credentials:
      accessKeyId:
        from: env
        get: AWS_ACCESS_KEY_ID
      secretAccessKey:
        from: env
        get: AWS_SECRET_ACCESS_KEY
    config:
      authenticationStrategy: aws
      authenticateURLsMatching:
        - .*

Only authenticate requests to Amazon EC2

 

version: "2"
services:
  aws-proxy:
    protocol: http
    listenOn: tcp://0.0.0.0:8080
    credentials:
      accessKeyId: 
        from: env
        get: AWS_ACCESS_KEY_ID
      secretAccessKey:
        from: env
        get: AWS_SECRET_ACCESS_KEY
    config:
      authenticationStrategy: aws
      authenticateURLsMatching:
        - ^https\:\/\/ec2\..*\.amazonaws.com
 
9.7