Comments (8)
This is definitely on our todo list. I can't comment on when this will get done exactly, but it is a priority.
from aws-sdk-js.
+1
If only for the security best practices of not having keys flowing around.
from aws-sdk-js.
Is there reason to not support the AWS_CONFIG_FILE export as well?
from aws-sdk-js.
AWS_CONFIG_FILE is a different thing from using instance metadata, because it won't stop you from hardcoding the credentials on the machine. That said, you can always use AWS.config.loadFromPath(process.env.AWS_CONFIG_FILE)
if you want this behaviour. Is AWS_CONFIG_FILE used in any other Amazon tools? If it is, it's likely that it's not in the same format as we would expect in the Node.js SDK, so supporting this out of the box might not work.
from aws-sdk-js.
It appears my terminology is wrong. I understood the features as related since there must be some hierarchy of checking for credentials, correct? Ie: Checking for IAM role, then bash export, then config file... etc. Currently I have found the aws-sdk-js to obey /only/ exports of ACCESS_KEY_ID and SECRET_ACCESS_KEY. If IAM roles were to be implemented, would it be in a different section of the code? ( config.js: 384 )
Note:
This is of consequence only because there is no afaik no standard export for region defined, however it is implementable via the CONFIG_FILE. It does not appear ruby SDK supports this feature either, so the request may not be valid.
from aws-sdk-js.
If IAM roles were to be implemented, would it be in a different section of the code?
No, it would be the next check in the chain after env vars. I actually just pushed the EC2 instance metadata branch, see #78. We don't check disk in the chain though, because as you pointed out, we don't use AWS_CONFIG_FILE as a standard mechanism for loading credentials. It seems that this variable is new to the AWS CLI tool, so we could add support for this, but note that it's not in a JSON format, so that might be something Node developers might not be used to.
This is of consequence only because there is no afaik no standard export for region defined,
We have AWS_REGION
for a standard region, actually. You can use that.
from aws-sdk-js.
Roles on EC2 instances should now be transparently supported. Those interested in testing this out can pull down the master branch and give it a spin!
Note that we currently do not handle invalidation of expired credentials, we will be adding this before the next release, and we are tracking that specific feature as #80
from aws-sdk-js.
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.
from aws-sdk-js.
Related Issues (20)
- Dependency xml2js Impacting Library HOT 1
- AWS sdk is not accepting parameters as mentioned in the document HOT 2
- AWS sdk is not accepting parameters as mentioned in the document HOT 4
- RDS data API cannot handle insert enum HOT 9
- EKS Pod Identity does not work with aws-sdk v2 HOT 6
- Getting Project Config from Console Injection HOT 2
- AWS -SDK and Angular 17 issue HOT 2
- The AppRunner Service Status lacks sufficient explanation. HOT 2
- MediaPipeline did not record video individual streams HOT 2
- EventBridge putRule/PutRuleCommand: ERROR ValidationException: 1 validation error detected: Value 'aws.partner/sellingpartnerapi.amazon.com/121212121212/amzn1.sp.solution.cb4023df-4e06-4fcf-a8a4-123e3a6544ee' at 'eventBusName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\.\-_A-Za-z0-9]+ HOT 1
- Intermittent RequestTimeout: Your socket connection to the server was not read from or written to within the timeout period. Idle connections will be closed. HOT 2
- How to get to the video is the conversion complete? HOT 2
- ReferenceError in SageMaker invokeEndpointWithResponseStream HOT 6
- S3 - CompleteMultiPartUpload HOT 1
- LakeFormation listPermissions returns abnormal result
- SageMaker ListDevices in us-west-1 "This operation is not supported in this region" HOT 2
- @aws-sdk/credential-providers has trouble reading config files from home-relative paths
- AWS Batch API - ListJobs response missing 'statusReason' when request params include 'filters' HOT 2
- AWS.SsoCredentials is not a constructor HOT 1
- Error in AWS SDK and Usage Guide for Content Moderation version 7 HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-sdk-js.