The @aws-sdk/credential-provider-node is an AWS credential provider that garners credentials from a Node.js environment. It offers a factory function, fromEnv, that strives to source AWS credentials relying on numerous sources such as environment variables available through process.env, SSO credentials, web identity token credentials, shared credentials, and config ini files, and leveraging the EC2/ECS Instance Metadata Service. The credential provider will initialize one provider at a time and only proceed to the next if no credentials are found.
Utilizing the @aws-sdk/credential-provider-node involves including it in your JavaScript code. Below you can see how you can employ the defaultProvider:
const { getDefaultRoleAssumerWithWebIdentity } = require("@aws-sdk/client-sts");
const { defaultProvider } = require("@aws-sdk/credential-provider-node");
const { S3Client, GetObjectCommand } = require("@aws-sdk/client-s3");
const provider = defaultProvider({
roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity({
// You must explicitly pass a region if you are not using us-east-1
region: "eu-west-1"
}),
});
const client = new S3Client({ credentialDefaultProvider: provider });
Plus, the provided wrapper of this provider in @aws-sdk/credential-providers package can be used to avoid importing getDefaultRoleAssumerWithWebIdentity() or getDefaultRoleAssume() from the STS package. Here's how you can utilize fromNodeProviderChain:
const { fromNodeProviderChain } = require("@aws-sdk/credential-providers");
const credentials = fromNodeProviderChain();
const client = new S3Client({ credentials });
The information about @aws-sdk/credential-provider-node can be found in the readme content on the GitHub page at https://github.com/aws/aws-sdk-js-v3 as part of the AWS SDK for JavaScript version 3 package, where it provides elaborate details on how to use it and find related packages.
