AWS Signature Node
The AWS Signature Node allows the creation of signature components that are used to authenticate requests to AWS.
AWS Signature is an authentication method that ensures that requests sent to AWS services are secure and come from a trusted source. The signing process protects the data and ensures that only authorized users can access AWS resources. This node allows this signature to be calculated for any AWS service.
Node Properties
There are three main configuration sections for the AWS Signature Node ...
Credential Configuration
There are two options for configuring credentials:
- Choose a Service Credential: Retrieves your AWS credentials from the selected service credential.
- Credential Name Template: Choose which of your application's AWS service credentials you would like to use. Note: Service credentials are not accessible from Edge Workflows, so only direct configuration is available for them. This field is templatable.
- Enter Connection Info: Configure the AWS credentials directly within the node. All fields are required.
- AWS Region Template: The AWS region to connect to. This field is templatable.
- AWS Access Key ID Template: The AWS access key ID associated with the AWS account you wish to use. This field is templatable.
- AWS Secret Access Key Template: The AWS secret access key associated with the AWS account you wish to use. This field is templatable.
We recommend that you create an AWS Key/Secret pair specifically for use in the Workflow Engine - a key that only has access to the proper AWS S3 buckets. We also recommend that you store these values as service credentials.
Signature Configuration
-
AWS Service
- Description: The AWS service to which the request is being made.
- Example:
ce,s3,ec2,lambda,athena, etc.
- Example:
- Description: The AWS service to which the request is being made.
-
Request Endpoint
- Description: The request endpoint that will be called with the calculated signature.
- Example:
"https://sqs.us-east-1.amazonaws.com/1234567890/MyQueue"
- Example:
- Description: The request endpoint that will be called with the calculated signature.
-
Request Method
- Description: The HTTP method of the request.
- Example:
GET,POST,PUT,DELETE, orPATCH
- Example:
- Description: The HTTP method of the request.
-
JSON Custom Headers
- Description: The HTTP request headers that should be included in the signature in JSON format.
- Example:
{
"x-amz-target":"AmazonSQS.ReceiveMessage"
}
- Example:
- Description: The HTTP request headers that should be included in the signature in JSON format.
-
Request Body
- Description: The HTTP request stringified body, if any.
- Example:
{{jsonEncode theRequestBody}}
- Example:
- Description: The HTTP request stringified body, if any.
Output
Provide a Result Path as a payload path for where the result of the operation will be placed. This value is required.
Node Example
The node outputs the signature result as a json object in the following format:
{
"hostname": "sqs.us-east-2.amazonaws.com",
"path": "/1234567890/MyQueue",
"method": "POST",
"headers": {
"Host": "sqs.us-east-2.amazonaws.com",
"x-amz-target": "AmazonSQS.ReceiveMessage",
"x-amz-date": "20260223T192024Z",
"x-amz-content-sha256": "008e5e74fda8fa7aeeae9a07128df912e6c930baac996ff244986a846ecd0d19",
"authorization": "*****REDACTED*****"
}
}
Once you have the node result, you can use the generated headers by including them in the request to the AWS service.
Node Errors
In the case of an error, the resulting object will contain an error key instead of the normal signature properties.
{
"error": "The parameter \"url\" should be a valid URL."
}
Was this page helpful?
Still looking for help? You can also search the WEGnology Forums or submit your question there.