CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-software-amazon-awssdk--bom

AWS SDK for Java v2 Bill of Materials providing centralized dependency management for 450+ AWS service modules and SDK components

Overview
Eval results
Files

authentication.mddocs/

Authentication & Security

Authentication, HTTP signing, and security components for AWS service requests including credential providers, signing algorithms, and security utilities.

Core Imports

<!-- Import BOM for version management -->
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>software.amazon.awssdk</groupId>
            <artifactId>bom</artifactId>
            <version>2.33.4</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

Capabilities

HTTP Authentication Core

Core HTTP authentication interfaces and implementations providing the foundation for AWS request signing.

/**
 * HTTP Authentication SPI - Service provider interface for HTTP authentication
 * Features: Pluggable authentication, extensible signing
 * Best for: Custom authentication implementations
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-spi</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

/**
 * HTTP Authentication Core - Base HTTP authentication implementations
 * Features: Core signing logic, credential management
 * Best for: Standard HTTP authentication scenarios
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

AWS-Specific Authentication

AWS-specific authentication implementations including SigV4 signing and AWS credential providers.

/**
 * AWS HTTP Authentication - AWS-specific HTTP authentication
 * Features: SigV4 signing, AWS credential integration, region handling
 * Best for: Standard AWS service authentication
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

Key Features:

  • AWS Signature Version 4 (SigV4) implementation
  • Integration with AWS credential providers
  • Automatic region and service detection
  • Request canonicalization and signing
  • Support for temporary credentials

Usage Example:

<dependencies>
    <!-- Service client -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>s3</artifactId>
    </dependency>
    
    <!-- AWS authentication -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws</artifactId>
    </dependency>
</dependencies>

CRT-Based Authentication

High-performance authentication implementations based on AWS Common Runtime.

/**
 * AWS CRT HTTP Authentication - High-performance CRT-based authentication
 * Features: Native performance, advanced AWS features, optimized signing
 * Best for: High-performance applications, maximum throughput
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws-crt</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

/**
 * AWS CRT Authentication Utilities - CRT-based authentication utilities
 * Features: Native credential providers, optimized performance
 * Best for: Applications using CRT HTTP client
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>auth-crt</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

Key Features:

  • Native performance optimization
  • Advanced AWS credential provider implementations
  • Optimized for use with CRT HTTP client
  • Reduced CPU overhead for signing operations
  • Latest AWS authentication features

Usage Example:

<dependencies>
    <!-- Service client -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>dynamodb</artifactId>
    </dependency>
    
    <!-- CRT authentication and HTTP client -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws-crt</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>aws-crt-client</artifactId>
    </dependency>
</dependencies>

Event Stream Authentication

Specialized authentication for AWS event streaming services like Kinesis Video Streams.

/**
 * AWS EventStream Authentication - Authentication for streaming services
 * Features: Continuous signing, stream authentication, event validation
 * Best for: Kinesis Video Streams, real-time streaming applications
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws-eventstream</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

Key Features:

  • Continuous authentication for long-lived streams
  • Event-by-event signature validation
  • Integration with streaming protocols
  • Support for chunked transfer encoding
  • Real-time authentication updates

Usage Example:

<dependencies>
    <!-- Kinesis Video Streams -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>kinesisvideo</artifactId>
    </dependency>
    
    <!-- EventStream authentication -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws-eventstream</artifactId>
    </dependency>
</dependencies>

Identity Management

Identity management interfaces and implementations for credential handling and identity resolution.

/**
 * Identity SPI - Service provider interface for identity management
 * Features: Pluggable identity providers, credential abstraction
 * Best for: Custom identity implementations, credential providers
 */
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>identity-spi</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

Key Features:

  • Pluggable identity provider architecture
  • Credential lifecycle management
  • Support for various credential types
  • Identity caching and refresh mechanisms
  • Integration with external identity systems

Authentication Flow Integration

Standard AWS Services

Most AWS services use the standard authentication flow:

<dependencies>
    <!-- Service client -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>ec2</artifactId>
    </dependency>
    
    <!-- Standard AWS authentication (usually auto-included) -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws</artifactId>
    </dependency>
</dependencies>

High-Performance Applications

For maximum performance, use CRT-based authentication:

<dependencies>
    <!-- Service clients -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>s3</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>dynamodb</artifactId>
    </dependency>
    
    <!-- High-performance authentication and HTTP -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws-crt</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>aws-crt-client</artifactId>
    </dependency>
</dependencies>

Streaming Applications

For applications using streaming services:

<dependencies>
    <!-- Streaming services -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>kinesisvideo</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>transcribestreaming</artifactId>
    </dependency>
    
    <!-- EventStream authentication -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws-eventstream</artifactId>
    </dependency>
</dependencies>

Security Best Practices

Credential Management

  • Use IAM roles instead of hardcoded credentials
  • Implement credential rotation policies
  • Use temporary credentials when possible
  • Store credentials securely (AWS Secrets Manager, environment variables)

Authentication Selection

  • Use CRT authentication for high-performance applications
  • Use standard authentication for most applications
  • Use EventStream authentication for streaming services
  • Consider custom authentication for specialized requirements

Network Security

  • Always use HTTPS for production applications
  • Implement proper certificate validation
  • Use VPC endpoints for internal AWS service access
  • Configure appropriate security groups and NACLs

Usage Examples

Complete security stack:

<dependencies>
    <!-- Core services -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>s3</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>iam</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>sts</artifactId>
    </dependency>
    
    <!-- Authentication -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws</artifactId>
    </dependency>
    
    <!-- Enhanced security -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>iam-policy-builder</artifactId>
    </dependency>
</dependencies>

Microservice authentication:

<dependencies>
    <!-- Service clients -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>dynamodb</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>sqs</artifactId>
    </dependency>
    
    <!-- Optimized authentication -->
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>http-auth-aws-crt</artifactId>
    </dependency>
    <dependency>
        <groupId>software.amazon.awssdk</groupId>
        <artifactId>aws-crt-client</artifactId>
    </dependency>
</dependencies>

Types

<!-- Authentication component coordinates -->
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-spi</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws-crt</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>http-auth-aws-eventstream</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>identity-spi</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>auth-crt</artifactId>
    <version>${awsjavasdk.version}</version>
</dependency>

Install with Tessl CLI

npx tessl i tessl/maven-software-amazon-awssdk--bom

docs

authentication.md

core-infrastructure.md

enhanced-libraries.md

http-clients.md

index.md

service-clients.md

tile.json