I am working on an app for Jira Cloud platform using forge framework. I created an HTTP endpoint using AWS API Gateway. This endpoint triggers a lambda function that does some operation on DynamoDB. I employed IAM authorization for the endpoint. After failing trials to use aws4 library with forge, I used the following function that is taken from AWS documentation to create signing key. However, while sending the request using javascript, I always get “{message: Forbidden}”.:
export function getAWSHeaders(){
const accessKey = ""
const secretKey = ""
const regionName = "us-east-1"
const serviceName = "execute-api"
var date = new Date().toISOString().split('.')[0] + 'Z';
date = date.split("-").join("").split(":").join("")
var dateWithoutTime = date.split("T")[0]
var myHeaders = {}
myHeaders["X-Amz-Date"] = date;
var crypto = require("crypto-js");
var kDate = crypto.HmacSHA256(dateWithoutTime, "AWS4" + secretKey);
var kRegion = crypto.HmacSHA256(regionName, kDate);
var kService = crypto.HmacSHA256(serviceName, kRegion);
var kSigning = crypto.HmacSHA256("aws4_request", kService);
myHeaders["Authorization"] = "AWS4-HMAC-SHA256 Credential=" + accessKey + "/" + dateWithoutTime + "/us-east-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date, Signature=" + kSigning
return myHeaders;
}
This is how I send the request:
resolver.define("test", async ({context}) => {
var url = ""
var myHeaders = getAWSHeaders()
var requestOptions = {
method: 'GET',
headers: myHeaders,
redirect: 'follow'
};
const result = await fetch(url, requestOptions)
I cannot figure out what is wrong with my signing key generation. I checked several posts but could not find a sample request.
Thanks for the help in advance.
PS: I tested it using Postman, it works with the “AWS Signature” authorization in Postman.