tldw: you send your `id` along with fancy `hash(key_for_that_id)`. AWS can then look up their stored copy of `key_for_that_id` and calculate hash(key_for_that_id) on their end. As long as the two hashes match, all is well. [Fancy here means they also take region, service name, date, url into account etc]
These sub keys (hashes) are generated when a secret access key is requested and propagated to services at that time, right? The way it was explained made it sound like there was some batch job generating keys every day
I created a lambda with a function URL. is there a straightforward example for making a call to this URL with fetch, or jquery ajax, etc. ? ( or even axios within react )
So, why didn't you just remove region information from the hmac hash to make token work across regions? It must have been very expensive to optimize performance for public/private key encryption considering AWS scale
tldw: you send your `id` along with fancy `hash(key_for_that_id)`. AWS can then look up their stored copy of `key_for_that_id` and calculate hash(key_for_that_id) on their end. As long as the two hashes match, all is well.
[Fancy here means they also take region, service name, date, url into account etc]
Here you dropped your 👑
one of the best video explaining sigv4(a)!
These sub keys (hashes) are generated when a secret access key is requested and propagated to services at that time, right? The way it was explained made it sound like there was some batch job generating keys every day
Currently curl 7.75+ supports Sigv4. It would help drive adoption of Sigv4a if curl supports it.
Nice lecture! Could you please add all the videos to a series tutorial playlist? Thanks!
The red phone is for calling Jeff Bezos when quantum computers break RSA.
I created a lambda with a function URL. is there a straightforward example for making a call to this URL with fetch, or jquery ajax, etc. ? ( or even axios within react )
how to do that with laravel , or php through sdk? there’s no clear ref?
Could you link the tweet/docs you are mentioning at 39:09 please?
So, why didn't you just remove region information from the hmac hash to make token work across regions?
It must have been very expensive to optimize performance for public/private key encryption considering AWS scale
Because that isn’t allowed, it is not hard to gen another sig for another region
Is that red phone behind just for decoration? :)
It's how I leave the matrix. It's a working phone!
@@ShuffleSharding 😮
something funny about discussing cutting edge security tech and relying on holding up sheets of paper to the camera 🤣🤣
better if you explain with diagram (visualization method), not easy to follow and had to stop watching and look for another resource