Skip to Content
avatar image
Former Member

Uploading file to AWS S3 bucket via REST API

Hi Experts

I want to use REST adapter to upload file in Amazon's AWS S3 bucket. I have the target URL and Developer guide suggests I should use Authentication header

Authorization: AWS AWSAccessKeyId:Signature

https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html

I have AWS Access Key Id and AWS secret access key. Now I have to create signature based on these. The Signature element is the RFC 2104 HMAC-SHA1 of selected elements from the request. I understand that I have to use AWS Secret access key on some string generated from request elements like HTTP-Verb, Date, etc. I assume I have to write some JAVA code for it.

I came across this discussion in may 16.

https://archive.sap.com/discussions/thread/3855339

But its not AWS S3 and signature is passed via query string and not http header. Are there any advancements in PI REST adapter since above discussion. How best to generate signature and execute REST API call for AWS S3? Our version is sap pi 7.4 sp 12.

Regards

Sunit

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Mar 07 at 02:21 PM

    I have recently done this similar integration with AWS S3 bucket. It worked with Rest adapter using header and body fashion.

    First you better download the jar from below link and play with it plain java code.

    https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-examples-using-sdks.html#sig-v4-examples-using-sdk-java

    jar

    https://s3.amazonaws.com/aws-java-sdk/samples/AWSS3SigV4JavaSamples.jar

    You can try to run the method putS3Object which is being called in the main method. You will get to know how posting is happening. You can also test the service in Post man, it has all functionality you just have to feed the credentials and payload. It works get and put.

    PutS3ObjectSample.putS3Object(bucketName, regionName, awsAccessKey, awsSecretKey);

    GetS3ObjectSample.getS3Object(bucketName, regionName, awsAccessKey, awsSecretKey);

    PresignedUrlSample.getPresignedUrlToS3Object(bucketName, regionName, awsAccessKey, awsSecretKey); PutS3ObjectChunkedSample.putS3ObjectChunked(bucketName, regionName, awsAccessKey, awsSecretKey);

    instead of doing all these, if you can catch amazon API team, your job will be easy. you can ask them what is the header and body format for posting.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Mar 07 at 11:30 PM

    Thanks for your reply.

    Looks like you are using AWS SDK.

    Where exactly did you write the java code in Java mapping or Adapter Module in REST channel?

    Regards

    Add comment
    10|10000 characters needed characters exceeded

    • My assumtion is that generating signatures,checksum, etc are done using mapping. and posting is done via Rest receiver adapter.

      In SDK, posting is happneing once the method is called, but i guess that should be commented. make the method to generate the signatures and return, but not making a call to endpoint.

      We can do the posting in java code itself, but that is not a best practise.

      However i will wait for Sunit's reply

  • May 11 at 02:27 PM

    I would use a local file allocation where S3 is mounted rather that fixing REST adapter to communicate with AWS S3.

    Add comment
    10|10000 characters needed characters exceeded