APIs in Action
The AWS signature generation process is currently on its 4th version, and an
involved discussion would be needed to cover it, so we're going to employ a
third-party library, that is, requests-aws4auth. This is a companion library for
the Requests module that automatically handles signature generation for us. It's
available at PyPi. So, install it on a command line with the help of pip:
$ pip install requests-aws4auth
Downloading/unpacking requests-aws4auth
Setting up an AWS user
To use authentication, we need to acquire some credentials.
We will set this up through the AWS Console. Once you've registered with AWS, log
into the Console at https://console.aws.amazon.com.
Once you are logged in, you need to perform the steps shown here:
- Click on your name at the top-right, and then choose Security Credentials.
- Click on Users, which is on the list in the left-hand side of the screen, and
then click on the Create New Users button at the top. - Type in the username, and make sure that Generate an access key for each
user has been checked, and then click on the Create button in the bottom
right-hand corner.
You'll see a new page saying that the user has been created successfully. Click on
the Download credentials button at the bottom right corner to download a CSV file,
which contains the Access ID and Access Secret for this user. These are important
because they will help in authenticating ourselves to the S3 API. Make sure that you
store them securely, as they will allow full access to your S3 files.
Then, click on Close at the bottom of the screen, and click on the new user in the
list that will appear, and then click on the Attach Policy button. A list of policy
templates will appear. Scroll down this list and select the AmazonS3FullAccess
policy, as shown in the following screenshot: