aws-sdk-for-zig/README.md

3.7 KiB

AWS SDK for Zig

Build Status

NOTE: THIS SDK IS ONLY CURRENTLY USABLE FOR A SMALL SUBSET OF AWS SERVICES WITHOUT A PROXY. SEE LIMITATIONS SECTION BELOW

Current executable size for the demo is 980k after compiling with -Doptimize=ReleaseSmall in x86_linux, and will vary based on services used. Tested targets:

  • x86_64-linux
  • riscv64-linux
  • aarch64-linux
  • x86_64-windows
  • arm-linux
  • aarch64-macos
  • x86_64-macos

Tested targets are built, but not continuously tested, by CI.

Building

zig build should work. It will build the code generation project, fetch model files from upstream AWS Go SDK v2, run the code generation, then build the main project with the generated code. Testing can be done with zig test.

Note that there are some loose ends on this version as compared to the 0.9.0 branch. More details below in Limitations. This branch overall is superior, as is the 0.11 compiler, but if you need an edge case and don't want to issue a PR, feel free to use that branch.

Using

This is designed for use with the Zig 0.11 package manager, and exposes a module called "aws". Set up build.zig.zon and add the dependency/module to your project as normal and the package manager should do its thing.

Running the demo

This library mimics the aws c libraries for it's work, so it operates like most other 'AWS things'. main.zig gives you a handful of examples for working with services. For local testing or alternative endpoints, there's no real standard, so there is code to look for AWS_ENDPOINT_URL environment variable that will supersede all other configuration. Note that an alternative endpoint may require passing in a client option to specify an different TLS root certificate (pass null to disable certificate verification).

An old branch based on aws-crt exists for posterity, and supports x86_64 linux. The old branch is deprecated, so if there are issues you see that work correctly in the aws-crt branch, please file an issue.

Limitations

The zig 0.11 HTTP client supports TLS 1.3 only. This, IMHO, is a reasonable restriction given its introduction 5 years ago, but is inflicting some short term pain on this project as AWS has not yet fully implemented the protocol. AWS has committed to TLS 1.3 support across all services by the end of 2023, but many (most) services as of August 28th have not yet been upgraded. Proxy support has been added, so to get to the services that do not yet support TLS 1.3, you can use something like mitmproxy to proxy those requests. Of course, this is not a good production solution...

WebIdentityToken is not yet implemented.

TODO List:

  • Json parsing is based on a fork of the 0.9.0 (maybe earlier?) json parser. This needs a re-visit. Note also that a json.zig file is embedded/copied from the codegen project, so that also needs a second look.
  • Take a look to see about compilation speed. With codegen caching this is reasonable, but still takes longer than needed.
  • Upgrade the model files. This is a simple tasks, but I'd like the first item on this list to be completed first.
  • Implement sigv4a signing
  • Implement jitter/exponential backoff
  • Implement timeouts and other TODO's in the code
  • Add option to cache signature keys

Compiler wishlist/watchlist: