概要
AWS SigV4 (Signature Version 4) は、AWSのAPIリクエストを認証するための署名方法です。この署名プロトコルは、リクエストが正当なものであり、AWSアカウントの認証情報を使って送信されたことを証明するために使用されます。SigV4は、AWSのサービスにアクセスする際のセキュリティを強化するために使われる重要な技術です。
curlで使えた
--aws-sigv4 <provider1[:prvdr2[:reg[:srv]]]>
(HTTP) Use AWS V4 signature authentication in the transfer.
The provider argument is a string that is used by the algorithm when creating outgoing authentication headers.
The region argument is a string that points to a geographic area of a resources collection (region-code) when the region name is omitted from the endpoint.
The service argument is a string that points to a function provided by a cloud (service-code) when the service name is omitted from the endpoint.
If --aws-sigv4 is provided several times, the last set value is used.
Example:
curl --aws-sigv4 "aws:amz:us-east-2:es" --user "key:secret" https://example.com
Added in 7.75.0. See also --basic and -u, --user.
GoでOpenSearchに対して通信する
package main import ( "context" "encoding/json" "fmt" "log" "github.com/aws/aws-sdk-go-v2/config" "github.com/opensearch-project/opensearch-go/v2" requestsigner "github.com/opensearch-project/opensearch-go/v2/signer/awsv2" ) func main() { ctx := context.Background() cfg, _ := config.LoadDefaultConfig(ctx) signer, _ := requestsigner.NewSigner(cfg) endpoint := "ドメイン" client, _ := opensearch.NewClient(opensearch.Config{ Addresses: []string{endpoint}, Signer: signer, }) if info, err := client.Info(); err != nil { log.Fatal("info", err) } else { var r map[string]interface{} json.NewDecoder(info.Body).Decode(&r) version := r["version"].(map[string]interface{}) fmt.Printf("%s: %s\n", version["distribution"], version["number"]) } }
