Skip to content

Commit a77c3e6

Browse files
jsecchierojsecchiero
committed
feat(proxy-sigv4-backend): add region and service options
Signed-off-by: jsecchiero <secchierojacopo@gmail.com>
1 parent d9eb5b0 commit a77c3e6

File tree

2 files changed

+20
-2
lines changed

2 files changed

+20
-2
lines changed

plugins/proxy-sigv4-backend/README.md

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -112,16 +112,21 @@ proxysigv4:
112112
113113
### Expanded form
114114
115-
The expanded form is necessary when an `AssumeRole` call _is_ required, _or_ if the target API service and region cannot
115+
The expanded form is necessary when:
116+
* `AssumeRole` call _is_ required, _or_ if the target API service and region cannot
116117
be automatically derived from the URL (commonplace when a custom domain name has been configured for an API Gateway
117118
endpoint).
119+
* The service if not possible to determine it automatically.
120+
* The region if not possible to determine it automatically.
118121

119122
```yaml
120123
proxysigv4:
121124
'/some-local-path':
122125
target: 'https://<API ID>.execute-api.<region>.amazonaws.com'
123126
roleArn: 'arn:aws:iam::<account>:role/<name>'
124127
roleSessionName: tempAssumeRoleSession ## optional
128+
service: '<service>' ## optional
129+
region: '<region>' ## optional
125130
```
126131

127132
### New Auth Services - Unauthorized Requests

plugins/proxy-sigv4-backend/src/service/router.ts

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,8 @@ export interface RouteConfig {
4545
target: string;
4646
roleArn?: string;
4747
roleSessionName?: string;
48-
// TODO: support specifying/overriding `service` and `region` for CNAME'd endpoints
48+
service?: string;
49+
region?: string;
4950
// TODO: support specifying additional allowed forward headers
5051
}
5152

@@ -71,6 +72,14 @@ export function normalizeRouteConfig(config: any): RouteConfig {
7172
throw new TypeError(`Route target must be a string`);
7273
}
7374

75+
if (fullConfig.service && typeof fullConfig.service !== 'string') {
76+
throw new TypeError(`Route service must be a string`);
77+
}
78+
79+
if (fullConfig.region && typeof fullConfig.region !== 'string') {
80+
throw new TypeError(`Route region must be a string`);
81+
}
82+
7483
try {
7584
// eslint-disable-next-line no-new
7685
new URL(fullConfig.target! as string);
@@ -122,6 +131,8 @@ export async function buildMiddleware(
122131
target,
123132
roleArn,
124133
roleSessionName = 'backstage-plugin-proxy-sigv4-backend',
134+
region,
135+
service,
125136
} = routeConfig;
126137

127138
const credentialsProvider = roleArn
@@ -187,6 +198,8 @@ export async function buildMiddleware(
187198
host: targetUrl.host,
188199
path: req.url, // path + search
189200
headers: requestHeaders,
201+
service: service,
202+
region: region,
190203
};
191204

192205
// TODO: support other content types with bodies

0 commit comments

Comments
 (0)