sigv4 | crates implements

I have a Go service that needs to connect Keyspaces on AWS. My pod has a role and AWS_SECRET_ACCESS_KEY, AWS_ACCESS_KEY_ID and AWS_SESSION_TOKEN env vars.

I want to use aws SDK v2. What credential provider should I use? ec2rolecreds or other one (maybe stscreds)?

I tried to implement example from here. But I get an error

Specs:

• The serverless Amazon MSK that's in preview.
• t2.xlarge EC2 instance with Amazon Linux 2
• Installed Kafka from https://dlcdn.apache.org/kafka/3.0.0/kafka_2.13-3.0.0.tgz
• openjdk version "11.0.13" 2021-10-19 LTS
• OpenJDK Runtime Environment 18.9 (build 11.0.13+8-LTS)
• OpenJDK 64-Bit Server VM 18.9 (build 11.0.13+8-LTS, mixed mode, sharing)
• Gradle 7.3.3
• https://github.com/aws/aws-msk-iam-auth, successfully built.

I also tried adding IAM authentication information, as recommended by the Amazon MSK Library for AWS Identity and Access Management. It says to add the following in config/client.properties:

I am trying with no luck to connect with websockets to aws iot with aws-iot-sdk. I'm getting the error "Failed to read credentials for AWS_PROFILE default from undefined" on browser console + "To connect via WebSocket/SigV4, AWS Access Key ID and AWS Secret Key must be passed either in options or as environment variables; see README.md" + "Uncaught Error: Invalid connect options supplied."

It's my first time posting here, so please be patience if you think my way of describing isn't good:(

Btw i have set all the required credentials right according to this exampleenter link description here I gave admin privileges to IAM user too.

I built a couple of test IoT hardware devices for home automation which I want to control with an Android app I also wrote. The app will be used by several people.

My plan is to use Amazon IoT Core to let the apps send MQTT commands to the IoT devices.

Since my hardware devices are not very powerful (ESP8266 architecture) I'm going to authenticate via the Signature Version 4 (SigV4) scheme. This auth scheme is useful when the hardware device is not powerful enough to authenticate via the standard privatekey/certificate method; it requires a pair of key/secret IAM credentials to be hardcoded into the device firmware (instead of the certificate and private key).

I then created a test "thing" in the IoT Core console and I can successfully send commands from the apps to the devices (and receive data from the devices and show them on the apps).

My question is, do I need to create as many "things" as the IoT devices? Since each device will have its own IAM credentials, can I just use one shared "thing" for all the IoT devices?

I can't find any best practice online, not even on the official documentation.

I'm new to server authentication. I'd like a simple way to have a server Main receive REST commands (GET, POST, etc.) from other servers (e.g., A and B) in a secure manner.

I read about oAuth2 and oAuth1.0a but I think having a "resource" server and refresh tokens, etc. is an overkill. The simplest two ways I could find are:

• Have servers A and B generate a key pair, give the public keys to the server Main beforehand (or have it accessible through a /publickey route), use digital signatures to sign a nonce every time an HTTP request goes from A->Main or B->Main, and have Main check if the DS is correct.
• Do the above, but use symmetric keys, IDs and HMACs (i.e., Main knows that A has key XXX, so when it receives a request claiming it's from A, it'll run an HMAC on the received nonce and compare it with the received HMAC)

Please assume that all of the above is done over HTTP, so MITM is a true issue

I found the following references that point to something similar, but I'd really like an 'official' protocol, that's vetted and guaranteed to be cryptographically-sane:

• https://wiki.c2.com/?HmacUserAuthentication
• https://github.com/acquia/http-hmac-spec
• https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html

I am having a legacy ruby daemon script that runs on a linux server. On upgrading all ruby and gem package versions with in the instance, the daemon script is now erroring out. Same error I am getting with in irb

**

when I execute

I want to expand my software, written in JavaFX, with Amazon Chime API to consume its messaging. I know there's JS SDK that allows establish messaging websocket session with no problems. But in java SDK there're no related classes. So I want to use STOMP library to consuming the websocket endpoint.

At the time I am struggling with making correct request, namely with signing AWS request (calculating X-AMZ-Signature)

According to the post I'm trying to calculate correct X-AMZ-Signature request parameter. Here's the class:

I'm using Flutters' aws_s3_upload plugin which I found on Github. I am able to upload images to my AWS s3 bucket. However, the images are missing the "image/jpeg" mime/type required so that I may view them in a browser window as images.

At the moment when clicking on the URL the image downloads instead of appearing in my browser. Can I update this code so that it is uploaded to my S3 bucket as an image?