AWS signature V4 library for OpenResty + Lua
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 13 commits ahead of grosskur:master.
Failed to load latest commit information.
lib/resty Add license to lib/resty/aws-signature.lua Sep 25, 2018 Create Sep 20, 2018
LICENSE Create LICENSE Sep 20, 2018 Improve Sep 20, 2018
dist.ini Fix dist.ini configuration Sep 20, 2018


This library is based on the work of Alan Grosskurth at It is basically forked from his repository and we change the HMAC library used.


This library implements request signing using the AWS Signature Version 4 specification. This signature scheme is used by nearly all AWS services.

AWS documentation


This library uses standard AWS environment variables as credentials to generate AWS Signature Version 4.


To be accessible in your nginx configuration, these variables should be declared in nginx.conf file.

#user  nobody;
worker_processes  1;

error_log  /dev/fd/1 debug;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/;


events {
    worker_connections  1024;

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /dev/stdout;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;

You can then use the library to add AWS Signature headers and proxy_pass to a given S3 bucket.

set $bucket 'example';
set $s3_host $;

location / {
  access_by_lua_block {
    require("").s3_set_headers(ngx.var.s3_host, ngx.var.uri)

  proxy_pass https://$s3_host;

Note: you have to set either s3-<region> or s3 as subdomain of depending on your need. s3 will use us-east-1 region.


Check for more information.


Copyright 2018 JobTeaser

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.