def get_aws_auth_headers(sagemaker_config):
credentials = boto3.Session().get_credentials()
sagemaker_auth = auth.SigV4Auth(credentials, "sagemaker",
sagemaker_config.region)
data = read_input_data(sagemaker_config.data_path,
sagemaker_config.content_type)
aws_request = AWSRequest(
method="POST",
url=sagemaker_config.full_endpoint,
headers={"Content-type": sagemaker_config.content_type},
data=data[0])
sagemaker_auth.add_auth(aws_request)
return aws_request.headers
def sign_headers(*, url: str, payload: Dict):
'''Sign AWS API request headers'''
segments = urllib.parse.urlparse(url).netloc.split('.')
service = segments[0]
region = segments[1]
request = awsrequest.AWSRequest(
method='POST',
url=url,
data=json.dumps(payload),
)
auth.SigV4Auth(AWS_CREDENTIALS, service, region).add_auth(request)
return dict(request.headers.items())
def _get_v4_signed_headers(self):
"""Returns V4 signed get-caller-identity request headers"""
if self.aws_session is None:
boto_session = session.Session()
creds = boto_session.get_credentials()
else:
creds = self.aws_session.get_credentials()
if creds is None:
raise CerberusClientException("Unable to locate AWS credentials")
readonly_credentials = creds.get_frozen_credentials()
# hardcode get-caller-identity request
data = OrderedDict((('Action','GetCallerIdentity'), ('Version', '2011-06-15')))
url = 'https://sts.{}.amazonaws.com/'.format(self.region)
request_object = awsrequest.AWSRequest(method='POST', url=url, data=data)
signer = auth.SigV4Auth(readonly_credentials, 'sts', self.region)
signer.add_auth(request_object)
return request_object.headers