Skip to main content

AWS SigV4 Authorization: Utilize AWS Calls in HTTP Step

Use AWS SigV4 authorization for secure and automated cloud operations with Torq's custom HTTP request step

Updated over a week ago

Easily leverage AWS Rest API calls with the Send HTTP request step using the AWS SigV4 Authorization type. You can securely and quickly integrate with AWS to easily automate all your AWS cloud needs with one step.

Save Access Keys in Torq's Custom Secrets

Get AWS Access Information

  1. Root User: Create an access key from within the AWS root user.

  2. AWS Management: Navigate to AWS Management Console > Security Credentials and click Access Keys.

  3. Create Access Key: Click Create access key, review the security recommendations, and choose Create access key.

    1. You can create two keys per user.

  4. Retrieve Access Key: Navigate to the Retrieve Access Key page and click the newly created key.

  5. Retrieve Secret: Under Secret access key, click Show and copy both the access key ID and secret key. Save them somewhere secure for later use in Torq.

  6. Finalize: Click Done.

Securely Save the Access Information in Torq

  1. Navigate to Integration: Go to Build > Integrations > Custom Secrets and click Add.

  2. Create AWS Access Key ID Secret:

    1. Under Secret Name, give the secret a meaningful name, such as Access Key AWS SigV4.

    2. Under Secret Value, paste the access key ID you copied earlier from AWS.

    3. Click Add.

  3. Add Another Secret: Click Add Instance again to add another secret.

  4. Create AWS Secret Access Secret:

    1. Under Secret Name, give the secret a meaningful name, such as Secret Access AWS SigV4.

    2. Under Secret Value, paste the secret access you copied earlier from AWS.

    3. Click Add.

Authorize Calls with AWS SigV4

  1. Drag & Drop: Drag and drop the Send HTTP request step into your workflow.

  2. Fill in Parameters:

    1. Paste the call request URL under URL.

    2. Pick the appropriate call method.

    3. Under Authorization, pick AWS SigV4.

  3. Authorize:

    1. Under AWS access key ID, navigate to $.secrets and pick the Access Key secret you created earlier.

    2. Under AWS secret access, navigate to $.secrets and pick the Secret Access secret you created earlier.

    3. Choose the AWS service you want to use from the dropdown menu or from the workflow context. The dropdown options include:

      • S3

      • EC2

      • Lambda

      • IAM

      • DynamoDB

      • GuardDuty

      • WAF

    4. Choose the relevant AWS region from the dropdown menu or pass it through the workflow context.

      1. Note that some regions require the region to be included in both the endpoint (URL) and the selection. Ex. https://s3.amazonaws.com/ works if the region is us-east-1 but will fail if the region is mx-central-1, unless the endpoint is updated to e.g https://s3.mx-central-1.amazonaws.com/.

  4. Execute: Click Execute to test the step, and then check the Execution Log to see if everything is running as expected.

Related Articles
Amazon Security Hub
Orca Security
Wiz
Integrate External Secret Stores with Torq for Enhanced Security
Sweet Security
Did this answer your question?