I want to know how does Terraform make jwt using access_key and secret_key…
Especially signature.
This reference let me know how does it work, but I could not found where terraform does it…
How does it makes signature??
Hi @chan.ryoo 
Thank you for asking.
I have not personally been working day-to-day on the Terraform AWS Provider or Terraform S3 Backend for the past year, but I presume nothing has changed majorly in this area. The AWS provider and S3 backend likely still rely on the AWS SDK for Go (either version 1 or version 2) to handle the signing logic. For example, this AWS-owned Go code may be relevant: aws-sdk-go-v2/v4a.go at main · aws/aws-sdk-go-v2 · GitHub
That said, you may have slightly better luck with asking this question over in the AWS provider discussion section, since this section is mainly monitored by maintainers of the Terraform Plugin SDK/Framework and people looking to assist with general provider development questions.
Thank you for answering!!
If you don’t mind, can I ask you one more question??
Does Terraform used aws-sdk-go-v2/v4a.go to make signatrue before?
If so, is that logic located in This open source ??
I counld not fount any logic that makes signature
Instead, I fount that here
How does it works??
The Terraform S3 Backend, Terraform AWS Provider, and Terraform AWS CloudControl Provider code all use GitHub - hashicorp/aws-sdk-go-base: AWS Go SDK Base Client and Helper Function Library as a shared dependency for consistently configuring the AWS API clients. I believe those AWS clients automatically inherit the API signature handling from the AWS SDK for Go. Any further questions, I would have to defer to AWS - HashiCorp Discuss for a better answer as I have not worked on that team for awhile now.