Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How does app mesh handle sig v4? #187

Closed
chenrui333 opened this issue Aug 7, 2019 · 2 comments

Comments

@chenrui333
Copy link

commented Aug 7, 2019

Curious about how does app mesh integrate with sig v4 check.

Thanks!

@lavignes

This comment has been minimized.

Copy link
Contributor

commented Aug 7, 2019

Hey @chenrui333 I'm assuming you are asking about how our Envoy proxy integrates with AWS IAM using sig v4.

Right now, the envoy image we distribute for use with App Mesh, is a fork of of Envoy with a custom extension that sig v4-signs requests made via Envoy's xDS protocol. Since xDS uses a GRPC protocol (which is in turn HTTP/2) we can trivially apply the sig v4 algorithm on it.

We are looking to upstream this extension to the official project so customers can ultimately just use an unaltered Envoy build (or their own custom build) on App Mesh. In fact, the integration is almost complete. I have a final pull request open that will enable the extension: envoyproxy/envoy/pull/7532

@lavignes lavignes added the question label Aug 14, 2019

@lavignes

This comment has been minimized.

Copy link
Contributor

commented Aug 14, 2019

@chenrui333 I'm going to assume this answers your question for now. Feel free to re-open if I misinterpreted the question or need more clarification.

@lavignes lavignes closed this Aug 14, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.