Menu
I am getting en error when creating S3 client from class S3 in newer v3 of aws-sdk javascript.
I add aws config parameters including credentials obtained from aws sts when user gets authenticated (assuming a role with permission to call getObject) at service-level (when instantiating S3 class) along with other parameters. See my code below:
const { S3, ... } = require("@aws-sdk/client-s3");
someFunc();
function someFunc(authUserCredentials) {
...
try {
const { AccessKeyid, SecretKey, SessionToken } = authUserCredentials;
const s3Client = new S3({
signatureVersion: 'v4',
accessKeyId: AccessKeyId,
secretAccessKey: SecretKey,
sessionToken: SessionToken,
region: 'us-east-1',
});
console.log(s3Client.config);
...
}catch(e) {
console.error(e);
}
}
I checked the class S3 code in aws-sdk-js-v3 repo, and there doesn't seem to be no 'Credential' constructor config argument required. Am I doing something wrong?
875
Just to clarify Chris Williams's answer combined with @Waleed93's second comment, what used to work with the AWS Javascript SDK v2 is:
import S3 from 'aws-sdk/clients/s3';
const AccessKeyId = xxxxx,
SecretKey = yyyyyyyy,
SessionToken = zzzzzzzzzz;
const s3Client = new S3({
apiVersion: '2006-03-01',
region: 'us-east-1',
accessKeyId: AccessKeyId,
secretAccessKey: SecretKey,
sessionToken: SessionToken
});
For SDK v3, the constructor no longer accepts individual credential parameters but does take a "credentials" object as a parameter. What works is:
const { S3 } = require('@aws-sdk/client-s3');
const AccessKeyId = xxxxx,
SecretKey = yyyyyyyy,
SessionToken = zzzzzzzzzz;
const creds = {
accessKeyId: AccessKeyId,
secretAccessKey: SecretKey,
sessionToken: SessionToken
};
const s3Client = new S3({
apiVersion: '2006-03-01',
region: 'us-east-1',
credentials: creds
});
This change is nowhere to be found in the AWS SDK documentation, class reference, or Developer Guide for SDK Version 3. Thank you to Chris and @Waleed93 for figuring it out.
69
According to the documentation for the constructor these arguments are valid.
There is still an argument name for the Credential object with the name credentials. If you instantiate a AWS.Credentials object you can pass this into that argument.
28
The value of credentials should be an object containing your credentials passed into the config as below:
import { S3Client, GetObjectCommand } from '@aws-sdk/client-s3'
const CREDENTIAL = {
accessKeyId: 'accesKeyIdString',
secretAccessKey: 'secretAccessKeyIdString',
};
const REGION: 'aws region';
const s3Client = new S3Client({region: REGION, credentials: CREDENTIAL});
I'm going to expand on this a bit more with my own experiences. I was working through this guide from AWS for "Viewing Photos in an Amazon S3 Bucket from a Browser" (giving guest users -- no login --, the ability to interact with s3 objects through a cognito identity pool). The resources in the AWS guide are for the V2 version of the SDK. So, I had to do a lot of digging to set it up for V3.
new S3({ ... credentials })
import { fromCognitoIdentityPool } from "@aws-sdk/credential-providers";
import { S3, ListObjectsCommand } from "@aws-sdk/client-s3";
// get identity pool creds (in my case)
const credentials = fromCognitoIdentityPool({
identityPoolId: "your-identity-pool-id",
clientConfig: { region: "your-region" },
});
// initialize V3 SDK S3 class
const client = new S3({
apiVersion: "2006-03-01",
region: "your-region",
// plug in credentials
credentials,
});
...
This was my specific use case. Here are the resources I found really helpful.
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
