The @aws-sdk/credential-provider-node is an AWS credential provider that garners credentials from a Node.js environment. It offers a factory function, fromEnv
, that strives to source AWS credentials relying on numerous sources such as environment variables available through process.env
, SSO credentials, web identity token credentials, shared credentials, and config ini files, and leveraging the EC2/ECS Instance Metadata Service. The credential provider will initialize one provider at a time and only proceed to the next if no credentials are found.
Utilizing the @aws-sdk/credential-provider-node involves including it in your JavaScript code. Below you can see how you can employ the defaultProvider
:
const { getDefaultRoleAssumerWithWebIdentity } = require("@aws-sdk/client-sts");
const { defaultProvider } = require("@aws-sdk/credential-provider-node");
const { S3Client, GetObjectCommand } = require("@aws-sdk/client-s3");
const provider = defaultProvider({
roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity({
// You must explicitly pass a region if you are not using us-east-1
region: "eu-west-1"
}),
});
const client = new S3Client({ credentialDefaultProvider: provider });
Plus, the provided wrapper of this provider in @aws-sdk/credential-providers
package can be used to avoid importing getDefaultRoleAssumerWithWebIdentity()
or getDefaultRoleAssume()
from the STS package. Here's how you can utilize fromNodeProviderChain
:
const { fromNodeProviderChain } = require("@aws-sdk/credential-providers");
const credentials = fromNodeProviderChain();
const client = new S3Client({ credentials });
The information about @aws-sdk/credential-provider-node can be found in the readme content on the GitHub page at https://github.com/aws/aws-sdk-js-v3 as part of the AWS SDK for JavaScript version 3 package, where it provides elaborate details on how to use it and find related packages.