How does AWS IAM can decode signatures sent from terraform?

Issue

This Content is from Stack Overflow. Question asked by RyooChan

Now I am trying to copy IAM by using go, terraform, and Vault.
But I encountered problem with terraform‘s secret_key

this is my terraform provider code…


provider "aws" {  
  alias = "aws_2"

  secret_key = "my secret key..." 
  access_key = "my access key..." 

  ###  elbv2 ###
  region = "ap-northeast-2"
                                                                                                                                                                                                               
}

with this, this terraform is communicating with my go server.
And I confirmed access key is contained at header‘s authorization states, but I think my secret key may be located at signature with encoded state.

Problem is that, terraform‘s signature encrypt algorithm is SHA256, so I don’t have any solution that can decrypt it.

How does AWS decrypt this, and can I copy it?? Thank you.



Solution

This question is not yet answered, be the first one who answer using the comment. Later the confirmed answer will be published as the solution.

This Question and Answer are collected from stackoverflow and tested by JTuto community, is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.

people found this article helpful. What about you?