Signing Requests
Explore how signing requests work in AWS serverless applications using IAM keys and Signature Version 4. Understand how to create pre-signed S3 upload forms to control file size, expiration, and access permissions, improving security and user experience in AWS Lambda-based apps.
IAM user keys
To explain how temporary grants work, you first need to understand the role of the security keys you entered when configuring command-line access in Chapter 2.
Each IAM user has two keys:
- an access key
- a secret key
When the SDK makes a request to an AWS service, for example with s3.putObject(), it sends the access key in the request headers. This allows the service to map the request to an AWS account. The SDK also sends a cryptographic signature, computed from the request body and the secret key using Amazon’s Signature Version 4 Signing Process ...
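The signing flow described above, as an added example that is not code from this course or from the AWS SDK: a simplified Signature Version 4 signer and the matching service-side check, showing that the access key travels in the header while the secret key only feeds the signature. The function names, the key store, the bucket host and the credentials are constructed for illustration, and only three headers are signed.

```javascript
// Added example: simplified Signature Version 4 signing plus the service-side check.
const { createHash, createHmac, timingSafeEqual } = require('crypto');

const sha256Hex = (data) => createHash('sha256').update(data).digest('hex');
const hmac = (key, data) => createHmac('sha256', key).update(data).digest();

// The secret key is never sent; it seeds a key scoped to date, region and service.
function signingKey(secretKey, date, region, service) {
  return [date, region, service, 'aws4_request'].reduce(hmac, 'AWS4' + secretKey);
}

// Client side: build the Authorization header for one request.
function signRequest(req, creds, region, service) {
  const date = req.amzDate.slice(0, 8);
  const payloadHash = sha256Hex(req.body);
  const headers = { host: req.host, 'x-amz-content-sha256': payloadHash, 'x-amz-date': req.amzDate };
  const names = Object.keys(headers).sort();
  const canonicalRequest = [
    req.method, req.path, req.query,
    names.map((n) => `${n}:${headers[n]}\n`).join(''),
    names.join(';'), payloadHash,
  ].join('\n');
  const scope = `${date}/${region}/${service}/aws4_request`;
  const stringToSign = ['AWS4-HMAC-SHA256', req.amzDate, scope, sha256Hex(canonicalRequest)].join('\n');
  const signature = hmac(signingKey(creds.secretKey, date, region, service), stringToSign).toString('hex');
  return `AWS4-HMAC-SHA256 Credential=${creds.accessKey}/${scope}, ` +
    `SignedHeaders=${names.join(';')}, Signature=${signature}`;
}

// Service side: look up the secret by access key, recompute, compare in constant time.
// Assumption: region and service are passed in rather than parsed from the scope.
function verifyRequest(req, authorization, keyStore, region, service) {
  const m = /Credential=([^/]+)\//.exec(authorization);
  const secretKey = m && keyStore.get(m[1]);
  if (!secretKey) return false;
  const expected = Buffer.from(signRequest(req, { accessKey: m[1], secretKey }, region, service));
  const received = Buffer.from(authorization);
  return expected.length === received.length && timingSafeEqual(expected, received);
}

// Constructed sample data, not real credentials.
const creds = { accessKey: 'AKIDEXAMPLE', secretKey: 'constructed-secret-key' };
const keyStore = new Map([[creds.accessKey, creds.secretKey]]);
const request = { method: 'PUT', path: '/report.txt', query: '', host: 'example-bucket.s3.amazonaws.com', amzDate: '20240101T000000Z', body: 'hello' };
const authorization = signRequest(request, creds, 'us-east-1', 's3');
console.log(authorization);
console.log('untouched request:', verifyRequest(request, authorization, keyStore, 'us-east-1', 's3'));
console.log('modified body:', verifyRequest({ ...request, body: 'tampered' }, authorization, keyStore, 'us-east-1', 's3'));
```

Because the body hash is part of what gets signed, changing the body after signing makes the recomputed signature differ, so the service rejects the request without ever seeing the secret key on the wire.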