I have a unique case. I am building a proxy and would like to verify AWS4 signature.
for example:
ServiceA is assigned with RoleA and is making request to ProxyService. I would like to verify using the amazon HTTP headers that the request actually came out of ServiceA. It is important to note that I do have permissions from ProxyService to assume role of RoleA.
It is possible to recalculate the signature using the Secret access key, which I do possess. my problem is that when using IAM roles, ServiceA use temporary credentials, so when asking for credentials using STS api from ProxyService I am actually getting a different credentials.
I would like to create a solution when I do not need to make a code change for ServiceA
