A native, dependency-free Delphi toolkit for Amazon Web Services. Sign and send REST requests to S3, push messages to SQS, drive AWS IoT Core over MQTT-on-WebSocket, invoke Lambda functions, talk to DynamoDB and Bedrock, and generate strongly-typed Pascal clients for any AWS API from its OpenAPI / Smithy specification — all from a single set of sgcWebSockets components.
No Java runtime, no Python boto3, no Node bridge — just Pascal components that speak HTTPS, MQTT, WebSocket and AMQP directly to the AWS edge.
Amazon Web Services exposes more than 250 APIs — storage, queueing, IoT, compute, machine learning, identity, DNS, CDN, search, RDBMS, key management and dozens more. The official AWS SDK ships in Java, Python, JavaScript, Go, Ruby, PHP and .NET, but not in Delphi or C++Builder. sgcWebSockets fills the gap with a coherent set of native components: TsgcHTTP_API_AmazonSQS for queueing, TsgcWSAPI_AWSIoT for MQTT over WebSocket (Signature v4 presigned), TsgcHTTPClient with the built-in AWS Signature v4 signer for any REST service, and the sgcOpenAPI code generator for the long tail of services that publish a machine-readable specification.
Authentication is uniform: an access key + secret key pair (or a temporary STS session token with IAM role assumption), region, and service identifier. The Signature v4 helper computes the canonical request, the string-to-sign, the HMAC chain and the Authorization header for every outbound call, so every AWS endpoint — from S3 PUT to Bedrock InvokeModel — speaks the same dialect. Everything runs on Windows, macOS, Linux, iOS and Android with the same Pascal source.
TsgcHTTP_API_AmazonSQS, TsgcWSAPI_AWSIoT, TsgcHTTPClient + Signature v4 signer.
HTTPS / HTTP/2 for REST, MQTT 3.1.1 + 5 over WebSocket for IoT, raw WebSocket for streaming.
Windows, macOS, Linux, iOS, Android, .NET.
sgcOpenAPI consumes any AWS OpenAPI / Smithy spec and emits Pascal client classes.
PUT / GET / DELETE objects, multipart uploads, presigned URLs and bucket listings via HTTPS with Signature v4. Works against any S3-compatible store (MinIO, Wasabi, Backblaze B2, Cloudflare R2).
TsgcHTTP_API_AmazonSQS — create queues, send / receive / delete messages, FIFO + standard, dead-letter queues, batched send with one method call.
TsgcWSAPI_AWSIoT — MQTT 3.1.1 / 5 over WebSocket with Signature v4 presigned URLs or X.509 mutual TLS. Device shadow, jobs, fleet provisioning, custom authentication.
Synchronous (RequestResponse) and asynchronous (Event) invocations against the /2015-03-31/functions/{name}/invocations endpoint. Returns the JSON response or the X-Ray trace ID.
PutItem, GetItem, Query, Scan and TransactWriteItems via the JSON 1.0 protocol — same component, different X-Amz-Target header.
InvokeModel and InvokeModelWithResponseStream for Claude, Llama, Mistral, Titan and Nova — the streaming variant uses an event-stream codec wrapped by the HTTP/2 client.
Publish to topics and SMS targets, manage subscriptions and platform endpoints — pure HTTPS POST + Signature v4.
AssumeRole, GetSessionToken and Cognito user-pool sign-in / token-refresh — the OAuth2 flows interoperate with TsgcOAuth2Client.
sgcOpenAPI emits Pascal client classes for any AWS service that publishes an OpenAPI or Smithy specification — the long tail of CloudWatch, Kinesis, ECS, EKS, EventBridge and friends.
Every AWS request — S3 PUT, DynamoDB Query, Lambda Invoke, even the MQTT-on-WebSocket presigned URL used by AWS IoT — carries an Authorization: AWS4-HMAC-SHA256 header (or query string) derived from your access key, secret key, region and service name. sgcWebSockets ships a single Pascal Signature v4 helper that handles canonical request building, the string-to-sign, HMAC chaining and clock-skew detection — reusable from any HTTP / WebSocket / MQTT component. Combined with TsgcOAuth2Client for STS / Cognito flows and the built-in IAM role assumption pattern, you get the same security posture as the official SDKs in any other language.
A 30-line snippet that uploads a file to an S3 bucket and queues a notification on SQS — the canonical “hello world” of AWS automation.
uses
sgcHTTP_Client, sgcHTTP_API_AmazonSQS, sgcAWS_SignatureV4;
var
vHTTP: TsgcHTTPClient;
vSigner: TsgcAWSSignatureV4;
vSQS: TsgcHTTP_API_AmazonSQS;
vStream: TFileStream;
begin
// ----- 1) Upload a file to S3 -----
vHTTP := TsgcHTTPClient.Create(nil);
vSigner := TsgcAWSSignatureV4.Create;
try
vSigner.AccessKey := 'AKIA...';
vSigner.SecretKey := 'wJalrXUtn...';
vSigner.Region := 'eu-west-1';
vSigner.Service := 's3';
vStream := TFileStream.Create('report.pdf', fmOpenRead);
try
vSigner.Sign(vHTTP, 'PUT',
'https://my-bucket.s3.eu-west-1.amazonaws.com/report.pdf', vStream);
vHTTP.Put('https://my-bucket.s3.eu-west-1.amazonaws.com/report.pdf', vStream);
finally
vStream.Free;
end;
// ----- 2) Push a notification on SQS -----
vSQS := TsgcHTTP_API_AmazonSQS.Create(nil);
try
vSQS.AccessKey := 'AKIA...';
vSQS.SecretKey := 'wJalrXUtn...';
vSQS.Region := 'eu-west-1';
vSQS.QueueUrl := 'https://sqs.eu-west-1.amazonaws.com/123456789012/uploads';
vSQS.SendMessage('{"event":"upload","key":"report.pdf"}');
finally
vSQS.Free;
end;
finally
vSigner.Free;
vHTTP.Free;
end;
end;AWS IoT Core accepts MQTT over TLS (port 8883) with X.509 mutual TLS, MQTT over WebSocket (port 443) signed with Signature v4, or MQTT with a custom authoriser. TsgcWSAPI_AWSIoT handles all three — the WebSocket transport is the easiest path from corporate networks that block 8883, and the component generates the presigned URL transparently from your access key.
uses
sgcWSAPI_AWSIoT;
var
vIoT: TsgcWSAPI_AWSIoT;
begin
vIoT := TsgcWSAPI_AWSIoT.Create(nil);
try
vIoT.Authentication.SignatureV4.AccessKey := 'AKIA...';
vIoT.Authentication.SignatureV4.SecretKey := 'wJalrXUtn...';
vIoT.Authentication.SignatureV4.Region := 'eu-west-1';
vIoT.Host := 'a1b2c3d4e5f6g7-ats.iot.eu-west-1.amazonaws.com';
vIoT.OnMQTTConnect := DoMQTTConnect;
vIoT.OnMQTTSubscribe := DoMQTTSubscribe;
vIoT.OnMQTTPublish := DoMQTTPublish;
vIoT.Active := True;
finally
vIoT.Free;
end;
end;Drop sgcWebSockets into your Delphi or C++Builder installation — one IDE package per Delphi version 7 through 13. Download the trial.
In the AWS console, create a programmatic-access IAM user, attach a least-privilege policy, and copy the access-key / secret-key pair.
For SQS use TsgcHTTP_API_AmazonSQS, for IoT use TsgcWSAPI_AWSIoT, for anything else use TsgcHTTPClient with the Signature v4 helper.
Overview of how sgcWebSockets exposes the AWS surface to Pascal developers.
Step-by-step walk-through of TsgcHTTP_API_AmazonSQS — queues, FIFO, batching, dead-letter routing.
How to drive AWS IoT Core over MQTT-on-WebSocket without X.509 certificates.
Use a Lambda authoriser to issue MQTT credentials on the fly.
Federate users and obtain STS session tokens from Cognito user pools.
Talk to Amazon’s quantum-computing service via the generated SDK.