SNS Verify HTTPS endpoint signature

[danilofuchs]

Describe the feature

I would like an SNS command to verify a request signature from SNS

https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html

I found an open source option: https://www.npmjs.com/package/sns-payload-validator

Use Case

When subscribing to SNS via HTTP/HTTPS, I would like to make sure it comes from AWS SNS

Proposed Solution

A new command to verify a request body, managing certs, signature versions, etc.

Other Information

No response

Acknowledgements

• [ ] I may be able to implement this feature request
• [ ] This feature might incur a breaking change

SDK version used

3.577.0

Environment details (OS name and version, etc.)

Linux

[aBurmeseDev]

Hi @danilofuchs - thanks for reaching out.

I'm trying to understand how open-source validator you mentioned functions differently from service default verify behavior and this'd also be considered higher level library that's built using SDK but not natively to it. There are some customizations that had previously worked on but it has to be cross-SDK request to keep it consistent. As our main focus here is to improve SDK itself, I doubt that this would be considered, unfortunately.

[github-actions[bot]]

This issue has not received a response in 1 week. If you still think there is a problem, please leave a comment to avoid the issue from automatically closing.

[github-actions[bot]]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.