Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/monken/aws4-proxy

Fast, low-footprint aws4 signing proxy with WebSocket support
https://github.com/monken/aws4-proxy

Last synced: 3 months ago
JSON representation

Fast, low-footprint aws4 signing proxy with WebSocket support

Host: GitHub
URL: https://github.com/monken/aws4-proxy
Owner: monken
License: apache-2.0
Created: 2020-03-05T15:31:24.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2021-11-16T22:09:35.000Z (about 3 years ago)
Last Synced: 2024-09-13T22:36:31.101Z (4 months ago)
Language: TypeScript
Homepage:
Size: 45.9 KB
Stars: 5
Watchers: 3
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

README

[![npm](http://img.shields.io/npm/v/aws4-proxy.svg?style=flat-square)](https://npmjs.org/package/aws4-proxy)
![GitHub Workflow Status](https://img.shields.io/github/workflow/status/monken/aws4-proxy/build?style=flat-square)
![Apache License](https://img.shields.io/badge/license-Apache--2.0-yellow?style=flat-square)
![Dependencies](https://img.shields.io/badge/dependencies-2-blue?style=flat-square)

# aws4-proxy

**Fast, low-footprint aws4 signing proxy with WebSocket support**

```bash
# Create a signing proxy to S3 and then use the CLI to access without signing
aws4-proxy --service s3 --region us-east-1
aws s3 ls --endpoint http://localhost:3000 --no-sign-request

# Proxy to an API Gateway with AWS_IAM authentication and query using curl
aws4-proxy --service execute-api --region eu-west-1 --endpoint api.mycorp.com
curl http://localhost:3000/v1/my-api/

# Proxy to an Elasticsearch instance with IAM authentication and open Kibana
aws4-proxy --service es --region us-east-2 --endpoint search-nfvgk3cqs3nk3u.us-east-2.es.amazonaws.com
open http://localhost:3000/_plugin/kibana/

# Proxy to a Neptune DB that sits behind a Network Load Balancer with a custom domain name
aws4-proxy --service neptune-db --endpoint neptune.mycorp.com --endpoint-host cluster-die4eenu.cluster-eede5pho.eu-west-1.neptune.amazonaws.com --region eu-west-1
wscat localhost:3000/gremlin
```

**Command line options:**

Options:
* `--help` Show help [boolean]
* `--service` **string** [required]
* `--region` **string** [required] [default: "AWS_DEFAULT_REGION"]
* `--version` Show version number **boolean**
* `--level` [default: "info"]
* `--host`, `-h` [default: "127.0.0.1"]
* `--port`, `-p` **number** [default: 3000]
* `--endpoint` **string**

Required for services that provide a unique endpoint per resource such as the API Gateway, Neptune, Elasticsearch Service, etc.
* `--endpoint-host` **string**

If the endpoint is accessed via a custom hostname (e.g. using a CNAME record or a custom load balancer) provide the original endpoint hostname. Depending on the service, this is required for the signature to be valid.

## Installation

```bash
npm install --global aws4-proxy

# or without installing
npx aws4-proxy --help
```

## Authentication

The proxy will check for the availability of the `aws-sdk` package (not installed as part of this package). If available it uses the [`CredentialProviderChain`](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CredentialProviderChain.html) class which will automatically locate and load credentials. If the package is not available, credentials are loaded from environment variables only (`AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and optionally `AWS_SESSION_TOKEN`).

## Features

* Supports WebSocket (e.g. Neptune, API Gateway)
* No limit on body size
* Efficient and fast
* Few external dependencies
* Supports proxying Kibana for Elasticsearch Service
* Ability to separately define the hostname used for signing (necessary if your endpoint is behind a custom domain)