'Using the AWS javascript SDK, V3, is there a credentials provider chain equivalent?
I'm migrating from V2 to V3 of the javascript SDK for AWS, using NodeJS. Our application needs to check for credentials in a couple places. Previously we used the Credential Provider Chain but I cannot find the equivalent in V3. I need to look in the shared INI file (SharedIniFileCredential) when my script runs locally but the script also runs in kubernetes so (I think) I also need roleAssumerWithWebIdentity. How do I use a credential chain in V3?
amazon-web-servicesSolution 1:[1]
The module @aws-sdk/credential-provider-node provides a default credential provider similar to what you're looking for:
It will attempt to find credentials from the following sources (listed in order of precedence):
- Environment variables exposed via process.env
- SSO credentials from token cache
- Web identity token credentials
- Shared credentials and config ini files
- The EC2/ECS Instance Metadata Service
Here's an example from their page:
const { getDefaultRoleAssumerWithWebIdentity } = require("@aws-sdk/client-sts");
const { defaultProvider } = require("@aws-sdk/credential-provider-node");
const { S3Client, GetObjectCommand } = require("@aws-sdk/client-s3");
const provider = defaultProvider({
roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity,
});
const client = new S3Client({ credentialDefaultProvider: provider });
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | shj |