A small utility to sign vanilla node.js http(s) request options using Amazon's AWS Signature Version 2.
This signature is supported by a number of (older) Amazon services, including EC2, ElastiCache, Elastic MapReduce, ImportExport and SimpleDB.
It also provides defaults for a number of core AWS headers and request parameters, making it a very easy to query AWS services, or build out a fully-featured AWS library.
NB: It is preferrable to use the newer, more secure aws4 over this library for AWS services that support AWS Signature Version 4.
var http = require('http')
, https = require('https')
, aws2 = require('aws2')
// given an options object you could pass to http.request
var opts = { host: 'sns.us-east-1.amazonaws.com', path: '/?Action=ListTopics' }
aws2.sign(opts) // assumes AWS credentials are available in process.env
console.log(opts)
/*
{
host: 'sns.us-east-1.amazonaws.com',
path: '/?Action=ListTopics&Timestamp=2013-01-12T01%3A25%3A55.553Z&SignatureVersion=2&SignatureMethod=...'
headers: { Host: 'sns.us-east-1.amazonaws.com' }
}
*/
// we can now use this to query AWS using the standard node.js http API
http.request(opts, function(res) { res.pipe(process.stdout) }).end()
/*
<?xml version="1.0"?>
<ListTopicsResponse xmlns="http://sns.amazonaws.com/doc/2010-03-31/">
...
*/
// you can pass AWS credentials in explicitly
aws2.sign(opts, { accessKeyId: '', secretAccessKey: '' })
// aws2 can infer the host from a service and region
opts = aws2.sign({ service: 'sns', region: 'us-east-1', path: '/?Action=ListTopics' })
// create a utility function to pipe to stdout (with https this time)
function request(o) { https.request(o, function(res) { res.pipe(process.stdout) }).end(o.body || '') }
// aws2 can infer the HTTP method if a body is passed in
// method will be POST and Content-Type: 'application/x-www-form-urlencoded; charset=utf-8'
request(aws2.sign({ service: 'ec2', body: 'Action=DescribeRegions&Version=2012-12-01' }))
/*
<?xml version="1.0" encoding="UTF-8"?>
<DescribeRegionsResponse xmlns="http://ec2.amazonaws.com/doc/2012-12-01/">
...
*/
// can specify any custom option or header as per usual
request(aws2.sign({
service: 'elasticmapreduce',
region: 'ap-southeast-2',
method: 'POST',
path: '/',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: 'Action=DescribeJobFlows&Version=2009-03-31'
}))
/*
<DescribeJobFlowsResponse xmlns="http://elasticmapreduce.amazonaws.com/doc/2009-03-31">
...
*/
// works with all other services that support Signature Version 2
request(aws2.sign({ service: 'elasticache', path: '/?Action=DescribeCacheClusters&Version=2012-11-15' }))
/*
<DescribeCacheClustersResponse xmlns="http://elasticache.amazonaws.com/doc/2012-11-15/">
...
*/
request(aws2.sign({ service: 'importexport', path: '/?Action=ListJobs&Version=2010-06-01' }))
/*
<ListJobsResponse xmlns="http://importexport.amazonaws.com/doc/2010-06-01/">
...
*/
request(aws2.sign({ service: 'sdb', path: '/?Action=ListDomains&Version=2009-04-15' }))
/*
<?xml version="1.0"?>
<ListDomainsResponse xmlns="http://sdb.amazonaws.com/doc/2009-04-15/">
...
*/
This calculates and populates the Signature param of either
requestOptions.path or requestOptions.body depending on whether it is
a GET or POST request. Returns requestOptions as a convenience for
chaining.
requestOptions is an object holding the same options that the node.js
http.request
function takes.
The following properties of requestOptions are used in the signing or
populated if they don't already exist:
hostname or host (will be determined from service and region if not given)method (will use 'GET' if not given or 'POST' if there is a body)path (will use '/' if not given)body (will use '' if not given)service (will be calculated from hostname or host if not given)region (will be calculated from hostname or host or use 'us-east-1' if not given)headers['Host'] (will use hostname or host or be calculated if not given)headers['Content-Type'] (will use 'application/x-www-form-urlencoded; charset=utf-8'
if not given and there is a body)headers['Date'] (used to calculate the signature date if given, otherwise new Date is used)Your AWS credentials (which can be found in your AWS console) can be specified in one of two ways:
aws2.sign(requestOptions, {
secretAccessKey: "<your-secret-access-key>",
accessKeyId: "<your-access-key-id>"
})
process.env, such as this:export AWS_SECRET_ACCESS_KEY="<your-secret-access-key>"
export AWS_ACCESS_KEY_ID="<your-access-key-id>"
(will also use AWS_ACCESS_KEY and AWS_SECRET_KEY if available)
With npm do:
npm install aws2
FAQs
Signs and prepares requests using AWS Signature Version 2
The npm package aws2 receives a total of 19 weekly downloads. As such, aws2 popularity was classified as not popular.
We found that aws2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports Scala and Kotlin, bringing AI-powered threat detection to JVM projects with easy manifest generation and fast, accurate scans.
Application Security
/Security News
Socket CEO Feross Aboukhadijeh and a16z partner Joel de la Garza discuss vibe coding, AI-driven software development, and how the rise of LLMs, despite their risks, still points toward a more secure and innovative future.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.