Add AWS Comprehend prompt redaction utility#482
Conversation
|
CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅ |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 38a49ee7d6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| const canonicalHeaders = `content-type:application/x-amz-json-1.1\nhost:${host}\nx-amz-date:${amzDate}\nx-amz-target:${target}\n`; | ||
| const signedHeaders = "content-type;host;x-amz-date;x-amz-target"; |
There was a problem hiding this comment.
When temporary AWS credentials are used (AWS_SESSION_TOKEN/sessionToken), this signer adds X-Amz-Security-Token to the outbound headers later but does not include it in canonicalHeaders/signedHeaders, so the computed signature no longer matches the actual request headers. In IAM role-based environments (Lambda/ECS/EKS/SSO), Comprehend calls can fail with signature/auth errors, which breaks redaction entirely for those deployments.
Useful? React with 👍 / 👎.
josemariano-hub
force-pushed
the
aws-comprehend-redaction
branch
from
38a49ee to
672198b
Compare
|
I have read the Arakoo CLA Document and I hereby sign the CLA |
josemariano-hub
force-pushed
the
aws-comprehend-redaction
branch
from
672198b to
6d78117
Compare
|
recheck |
2 participants
Summary
/claim #290
Closes #290
Verification