Description:

requestsiamauth 0.8.0

Requests IAMAuth





Use AWS SigV4 authorization with requests.
Accessing an API secured with IAM authorization in AWS API Gateway can be tricky.
This tool uses the built-in authorization strategy in requests to help you access your secured endpoints.
Installation
pip install requests-iamauth

Usage
Signing Version 4
AWS sigv4 is the current standard for signing requests bound for AWS services.
Use requests-iamauth to as an authorizer for the requests Python library:
import requests
from iamauth import Sigv4Auth

sigv4 = Sigv4Auth(
service_name="execute-api", # default
)

session = requests.Session()
session.auth = sigv4
session.get('https://abcdef0123.execute-api.us-east-2.amazonaws.com/my/api')

Override the default boto3 session by passing a custom one into the constructor for Sigv4Auth:
import boto3

sigv4 = Sigv4Auth(
boto3_session=boto3.Session(),
)

Signing Version 4a
AWS sigv4a is an extension to the sigv4 signing process that enables signing requests bound for more than one region.

Note — at the time of this writing, the only API Gateway API type that appears to support the new sigv4a are REST APIs.

Use requests-iamauth to as an authorizer for the requests Python library:
import requests
from iamauth import Sigv4aAuth

sigv4a = Sigv4aAuth(
service="execute-api", # default
region="*", # default
)

session = requests.Session()
session.auth = sigv4a
session.get('https://abcdef0123.execute-api.us-east-2.amazonaws.com/my/api')

Override the default AWS credentials provider by passing a custom one into the constructor for Sigv4aAuth:
from botocore.compat import awscrt

sigv4a = Sigv4aAuth(
credentials_provider=awscrt.auth.AwsCredentialsProvider.new_default_chain(),
)

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

Share

• Share on Facebook
• Share on Twitter