Verifying Amazon SNS Message Authenticity
You can now use version 2 of the AWS SDK for Ruby to verify the signatures of Amazon SNS messages. To help prevent spoofing attacks, you should verify messages are sent by Amazon SNS.
The new verifier follows the documented best practices for verification, including:
- Always use HTTPS when getting the certificate from Amazon SNS.
- Validate the authenticity of the certificate.
- Verify the certificate was received from Amazon SNS.
Usage is straightforward. Construct a message verifier and call one of two methods. The given message body should be the JSON document string of the message.
verifier = Aws::SNS::MessageVerifier.new verifier.authentic?(message_body) #=> returns true or false verifier.authenticate!(message_body) #=> returns true or raises a VerificationError
You can use one instance of
Aws::SNS::MessageVerifier.new to verify multiple messages.
As always, we love to hear your feedback. It helps us prioritize our development efforts. In fact, this feature was added by customer request. Feel free to join our Gitter channel or open a GitHub issue.