通过设置API网关调用Amazon Kinesis的REST API [英] Call REST API for Amazon Kinesis with Setting up API Gateway

问题描述

我正在尝试发送HTTP发布请求以将记录放入Amazon Kinesis Stream.有几种方法(Kinesis Client，KPL，将AWS Gateway设置为Kinesis Proxy).

I am trying to send a HTTP Post Request to put a record into Amazon Kinesis Stream. There are several ways (Kinesis Client, KPL, setting up AWS Gateway as Kinesis Proxy).

我看到了有关Kinesis PutRecord API的文档 http://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html

I saw this document about Kinesis PutRecord API http://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html

POST / HTTP/1.1
Host: kinesis.<region>.<domain>
Content-Length: <PayloadSizeBytes>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Authorization: <AuthParams>
Connection: Keep-Alive 
X-Amz-Date: <Date>
X-Amz-Target: Kinesis_20131202.PutRecord
{
  "StreamName": "exampleStreamName",
  "Data": "XzxkYXRhPl8x",
  "PartitionKey": "partitionKey"
}

是否可以将上述HTTP POST请求发送到PutRecord，而不必按照此链接中的说明设置Amazon API Gateway: http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html#call-api-with-api-gateway-custom-authorization

Is it possible to send the above HTTP POST Request to PutRecord without having to set up Amazon API Gateway as explained in this link: http://docs.aws.amazon.com/apigateway/latest/developerguide/use-custom-authorizer.html#call-api-with-api-gateway-custom-authorization

KPL和Kinesis Client必须以某种方式在内部使用HTTP POST到PutRecord，因此必须有一种方法.不幸的是，我无法在线找到任何资源.

KPL and Kinesis Client must somehow internally use HTTP POST to PutRecord, so there must be a way to do so. Unfortunately, I could not find any resources online.

推荐答案

import sys, os, base64, datetime, hashlib, hmac
import requests # pip install requests
# ************* REQUEST VALUES *************
method = 'POST'
service = 'kinesis'
host = 'kinesis.us-east-1.amazonaws.com'
region = 'us-east-1'
endpoint = 'https://kinesis.us-east-1.amazonaws.com'
content_type = 'application/x-amz-json-1.1'

amz_target = 'Kinesis_20131202.PutRecord'
request_parameters = '{'
request_parameters += '"StreamName": "<StreamName>",'
request_parameters += '"Data": "' + base64.b64encode(<DATA>) + '",'
request_parameters += '"PartitionKey": "<PartitionKey>"'
request_parameters += '}'

# http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python
def sign(key, msg):
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()
def getSignatureKey(key, date_stamp, regionName, serviceName):
    kDate = sign(('AWS4' + key).encode('utf-8'), date_stamp)
    kRegion = sign(kDate, regionName)
    kService = sign(kRegion, serviceName)
    kSigning = sign(kService, 'aws4_request')
    return kSigning

access_key = '<ACCESS KEY>'
secret_key = '<SECRET KEY>'
if access_key is None or secret_key is None:
    print 'No access key is available.'
    sys.exit()
# Create a date for headers and the credential string
t = datetime.datetime.utcnow()
amz_date = t.strftime('%Y%m%dT%H%M%SZ')
date_stamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope


canonical_uri = '/'

canonical_querystring = ''

canonical_headers = 'content-type:' + content_type + '\n' + 'host:' + host + '\n' + 'x-amz-date:' + amz_date + '\n' + 'x-amz-target:' + amz_target + '\n'

signed_headers = 'content-type;host;x-amz-date;x-amz-target'

payload_hash = hashlib.sha256(request_parameters).hexdigest()

canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash

algorithm = 'AWS4-HMAC-SHA256'
credential_scope = date_stamp + '/' + region + '/' + service + '/' + 'aws4_request'
string_to_sign = algorithm + '\n' +  amz_date + '\n' +  credential_scope + '\n' +  hashlib.sha256(canonical_request).hexdigest()

signing_key = getSignatureKey(secret_key, date_stamp, region, service)

signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()

authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' +  'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature
print authorization_header;


headers = {'Content-Type':content_type,
           'X-Amz-Date':amz_date,
           'X-Amz-Target':amz_target,
           'Authorization':authorization_header}
# ************* SEND THE REQUEST *************
print '\nBEGIN REQUEST++++++++++++++++++++++++++++++++++++'
print 'Request URL = ' + endpoint
r = requests.post(endpoint, data=request_parameters, headers=headers)
print '\nRESPONSE++++++++++++++++++++++++++++++++++++'
print 'Response code: %d\n' % r.status_code
print r.text

只需更改代码中用<>标记的必需参数，您就可以通过HTTP到达端点.仅在由于某些原因而无法使用aws-sdk或aws-cli时适用.

Just change the required parameters in the code that are marked with <> and you ll be able to hit the endpoint via HTTP. This is only applicable if you cant use aws-sdk or aws-cli for some reason.

上面的代码在python中.

The above code is in python.

要进行转换，请检查以下链接. https://github.com/danharper/hmac-examples

for transformation, check the following link. https://github.com/danharper/hmac-examples

这篇关于通过设置API网关调用Amazon Kinesis的REST API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！