Configure AWS authentication

You can configure AWS authentication in the API Engine to communicate with your webservices. This requires an Access Key and a Secret Key.

To do so, follow the steps below:

  1. Select your API Module.

  2. In the Technical View, click on the Auth tab.

  3. In the Authentication drop-down menu, select AWS Signature.

  4. Enter your Access Key and Secret Key.

  5. Optionally, enter your Session Token in case you have temporary credentials.

  6. Enter the Service Name to identify the AWS product.

    This field is optional, however, Tricentis recommends to provide the service name. If not, Tosca tries to retrieve the service name automatically from any HTTP URL in the Endpoint field which might not result in the correct service name.

  7. Optionally, in case your endpoint does not contain a Region entry, select it from the drop-down menu. The default value is US East (Ohio).

Configure AWS authentication

Automatic service name identification

The automatic service name identification process is error-prone. If you provide an invalid region in the URL by misspelling it, Tosca will consider it your service name. Therefore, Tricentis recommends to provide the service name manually in the Service Name field.

If you don't provide the Service Name, but use HTTP transport type, Tosca tries to retrieve the service name automatically from the URL you provided in the Endpoint field.

To do so, Tosca analyzes each part of the URL, this means the sections separated by a full-stop:

  1. Tosca checks the URL's third-to-last part:

    • If Tosca finds the provided input in its valid list of regions, Tosca considers your input as the region and moves on to examine the URL's fourth-to-last part.

    • If Tosca doesn't recognize your input as a valid region, it considers your input the service name.

    • If there is no third-to-last part, i.e. the URL consists of only two parts, Tosca leaves the Service Name field empty.

  2. If Tosca recognized the third-to-last part of the URL as a region, Tosca checks the fourth-to-last part of the URL:

    • If there is a fourth-to-last part in the URL, Tosca considers it the service name.

    • If there is no fourth-to-last part in the URL (i.e. it only has three parts), the service name field remains empty.

Examples of automatic service name identification

In this example, you provided the URL sqs.us-east-1.amazonaws.com as the Endpoint.

  1. Tosca analyzes the third-to-last part of the URL and recognizes it as a valid region: us-east-1. Therefore, Tosca won't consider this part as the service name.
  2. Tosca moves on to examine whether there is a fourth-to-last part in the URL.

  3. The URL has a fourth-to-last part, therefore Tosca considers it the service name: sqs.

In this example, you provided the URL sqs.amazonaws.com as the Endpoint.

  1. Tosca analyzes the third-to-last part of the URL. sqs is not a valid region.

  2. Since the third-to-last part of the URL was not a region, Tosca considers it the service name: sqs.

In this example, you provided the URL us-east-1.amazonaws.com as the Endpoint.

  1. Tosca analyzes the third-to-last part of the URL and recognizes it as a valid region: us-east-1. Therefore, Tosca won't consider this part as the service name.

  2. Tosca moves on to examine whether there is a fourth-to-last part in the URL.

  3. The URL doesn't have a fourth-to-last part, therefore the Service Name field remains empty.