AWS Request Signing

Third Party

Enable AWS Request Signingv3.4+

Enable the AWS Request Signing plugin.

Prerequisites

Environment variables

  • ASSUME_ROLE_ARN: The ARN of the AWS IAM Role to assume before making the request to the AWS service. For example, "arn:aws:iam::123456789012:role/example-role".

  • ASSUME_ROLE_NAME: The name of the AWS IAM Role to assume before making the request to the AWS service. For example, example-role.

  • TARGET_HOST: An optional hostname or IP to use instead of the one specified in the AWS service’s endpoint.

  • AWS_REGION: The AWS region in which AWS service is running. For example, us-east-1.

Set up the plugin

Add this section to your declarative configuration file:

_format_version: "3.0"
plugins:
  - name: aws-request-signing
    config:
      aws_assume_role_arn: ${{ env "DECK_ASSUME_ROLE_ARN" }}
      aws_assume_role_name: ${{ env "DECK_ASSUME_ROLE_NAME" }}
      aws_region: ${{ env "DECK_AWS_REGION" }}
      aws_service: lambda
      override_target_host: ${{ env "DECK_TARGET_HOST" }}
      override_target_port: 443
      override_target_protocol: https
Copied to clipboard!

Did this doc help?

Something wrong?

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!