Signing Requests

Explore how AWS uses access and secret keys with Signature Version 4 to authorize service requests. Understand how to create temporary signed grants for secure client uploads to S3 using Lambda functions, including setting upload constraints and handling redirects. This lesson equips you with practical skills to implement safe, serverless upload workflows.

We'll cover the following...

IAM user keys
- s3.createPresignedPost
- requestContext
Upload constraints

IAM user keys

To explain how temporary grants work, you first need to understand the role of the security keys you entered when configuring command-line access in Chapter 2.

Each IAM user has two keys:

an access key
a secret key

When the SDK makes a request to an AWS service, for example s3.putObject(), it sends the access key in the request headers. This allows the service to map the request to an AWS account. The SDK also sends a cryptographic signature based on the request body and the secret key using Amazon’s Signature Version 4 Signing Process ...

1.Getting Started

2.Setup Tools for Local Development

3.Creating a Web Service

Cloud Lab

4.Development and Troubleshooting

5.Core Features of AWS Lambda

6.Handling HTTP Requests

7.Using External Storage

8.Cheaper, Faster, Serverless

9.Handling Platform Events

10.Using Application Components

11.Managing Sessions and User Workflows

12.Designing Robust Applications

13.Deployment Options

Cloud Lab

Signing Requests

IAM user keys