Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
How does app mesh handle sig v4? #187
Hey @chenrui333 I'm assuming you are asking about how our Envoy proxy integrates with AWS IAM using sig v4.
Right now, the envoy image we distribute for use with App Mesh, is a fork of of Envoy with a custom extension that sig v4-signs requests made via Envoy's xDS protocol. Since xDS uses a GRPC protocol (which is in turn HTTP/2) we can trivially apply the sig v4 algorithm on it.
We are looking to upstream this extension to the official project so customers can ultimately just use an unaltered Envoy build (or their own custom build) on App Mesh. In fact, the integration is almost complete. I have a final pull request open that will enable the extension: envoyproxy/envoy/pull/7532