Awesome
Superagent-AWS-Sign
Superagent plugin to sign AWS requests and invoke AWS resources protected by IAM roles. It uses the AWS Signature Version 4 process to add authentication information to requests.
Installation
Install the package from npm:
npm install @certible/superagent-aws-sign
Usage
Import the AwsSignRequest class and create a new instance. After building your request use the use()
method from Superagent to your instance to the request:
const AwsSignRequest = require('@certible/superagent-aws-sign');
const signer = new AwsSignRequest();
await signer.setCredentialsFromConfig('default');
const response = await superagent
.get('api-gateway-url')
.use(signer.add()); // 'execute-api' is the default service of the class
TypeScript
Package is written with JSDoc comments. For TypeScript users you may need to allow JavaScript in your tsconfig.json
file.
{
"compilerOptions": {
"allowJs": true,
"maxNodeModuleJsDepth": 1
}
}
Setting AWS Region
You can set the AWS region for the request using the setRegion method:
const region = 'us-west-2';
signer.setRegion(region);
Setting AWS Credentials
You can set AWS credentials manually or load them from the local ~/.aws/credentials
file.
Manually setting credentials
const credentials = {
accessKeyId: 'YOUR_ACCESS_KEY',
secretAccessKey: 'YOUR_SECRET_ACCESS_KEY',
sessionToken: 'OPTIONAL_SESSION_TOKEN',
};
signer.setCredentials(credentials);
Loading credentials from config
const profile = 'YOUR_AWS_PROFILE_NAME';
signer.setCredentialsFromConfig(profile)
.then((credentials) => {
// Credentials loaded successfully
})
.catch((error) => {
// Error loading credentials
console.error(error);
});
Assuming a Role
To assume a role, use the assumeRole method:
const params = {
RoleArn: 'ARN_OF_THE_ROLE',
RoleSessionName: 'SESSION_NAME',
};
signer.assumeRole(params)
.then(() => {
// Role assumed successfully
})
.catch((error) => {
// Error assuming role
console.error(error);
});
Removing Role
To remove a previously assumed role and revert to using the original credentials, use the removeRole method:
signer.removeRole();
Testing
To run the test you need to setup the SAM resources, see template.yaml for details. Add the generated cloudformation output to the .env
file, see template .env.template for details.
sam build
sam deploy --guided
Honorable Mentions
This project is based on npmjs.com/package/superagent-aws-signed-request and was updated to meet our needs.
License
This project is licensed under the MIT License.