@aws-sdk/credential-provider-node v3.563.0
@aws-sdk/credential-provider-node
AWS Credential Provider for Node.JS
This module provides a factory function, fromEnv
, that will attempt to source
AWS credentials from a Node.JS environment. It will attempt to find credentials
from the following sources (listed in order of precedence):
- Environment variables exposed via
process.env
- SSO credentials from token cache
- Web identity token credentials
- Shared credentials and config ini files
- The EC2/ECS Instance Metadata Service
The default credential provider will invoke one provider at a time and only
continue to the next if no credentials have been located. For example, if the
process finds values defined via the AWS_ACCESS_KEY_ID
and
AWS_SECRET_ACCESS_KEY
environment variables, the files at ~/.aws/credentials
and ~/.aws/config
will not be read, nor will any messages be sent to the
Instance Metadata Service.
If invalid configuration is encountered (such as a profile in
~/.aws/credentials
specifying as its source_profile
the name of a profile
that does not exist), then the chained provider will be rejected with an error
and will not invoke the next provider in the list.
IMPORTANT: if you intend to acquire credentials using EKS
IAM Roles for Service Accounts,
then you must explicitly specify a value for roleAssumerWithWebIdentity
. There is a
default function available in @aws-sdk/client-sts
package. An example of using
this:
const { getDefaultRoleAssumerWithWebIdentity } = require("@aws-sdk/client-sts");
const { defaultProvider } = require("@aws-sdk/credential-provider-node");
const { S3Client, GetObjectCommand } = require("@aws-sdk/client-s3");
const provider = defaultProvider({
roleAssumerWithWebIdentity: getDefaultRoleAssumerWithWebIdentity({
// You must explicitly pass a region if you are not using us-east-1
region: "eu-west-1"
}),
});
const client = new S3Client({ credentialDefaultProvider: provider });
IMPORTANT: We provide a wrapper of this provider in @aws-sdk/credential-providers
package to save you from importing getDefaultRoleAssumerWithWebIdentity()
or
getDefaultRoleAssume()
from STS package. Similarly, you can do:
const { fromNodeProviderChain } = require("@aws-sdk/credential-providers");
const credentials = fromNodeProviderChain();
const client = new S3Client({ credentials });
Supported configuration
You may customize how credentials are resolved by providing an options hash to
the defaultProvider
factory function. The following options are
supported:
profile
- The configuration profile to use. If not specified, the provider will use the value in theAWS_PROFILE
environment variable or a default ofdefault
.filepath
- The path to the shared credentials file. If not specified, the provider will use the value in theAWS_SHARED_CREDENTIALS_FILE
environment variable or a default of~/.aws/credentials
.configFilepath
- The path to the shared config file. If not specified, the provider will use the value in theAWS_CONFIG_FILE
environment variable or a default of~/.aws/config
.mfaCodeProvider
- A function that returns a a promise fulfilled with an MFA token code for the provided MFA Serial code. If a profile requires an MFA code andmfaCodeProvider
is not a valid function, the credential provider promise will be rejected.roleAssumer
- A function that assumes a role and returns a promise fulfilled with credentials for the assumed role. If not specified, no role will be assumed, and an error will be thrown.roleArn
- ARN to assume. If not specified, the provider will use the value in theAWS_ROLE_ARN
environment variable.webIdentityTokenFile
- File location of where theOIDC
token is stored. If not specified, the provider will use the value in theAWS_WEB_IDENTITY_TOKEN_FILE
environment variable.roleAssumerWithWebIdentity
- A function that assumes a role with web identity and returns a promise fulfilled with credentials for the assumed role.timeout
- The connection timeout (in milliseconds) to apply to any remote requests. If not specified, a default value of1000
(one second) is used.maxRetries
- The maximum number of times any HTTP connections should be retried. If not specified, a default value of0
will be used.
Related packages:
- AWS Credential Provider for Node.JS - Environment Variables
- AWS Credential Provider for Node.JS - SSO
- AWS Credential Provider for Node.JS - Web Identity
- AWS Credential Provider for Node.JS - Shared Configuration Files
- AWS Credential Provider for Node.JS - Instance and Container Metadata
- AWS Shared Configuration File Loader
21 hours ago
10 days ago
15 days ago
17 days ago
22 days ago
1 month ago
1 month ago
1 month ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
2 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
3 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
4 months ago
5 months ago
5 months ago
5 months ago
5 months ago
5 months ago
6 months ago
5 months ago
5 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
6 months ago
9 months ago
10 months ago
8 months ago
10 months ago
7 months ago
7 months ago
6 months ago
8 months ago
9 months ago
9 months ago
7 months ago
9 months ago
10 months ago
7 months ago
8 months ago
8 months ago
9 months ago
10 months ago
7 months ago
6 months ago
9 months ago
7 months ago
7 months ago
6 months ago
8 months ago
9 months ago
9 months ago
7 months ago
8 months ago
6 months ago
11 months ago
10 months ago
11 months ago
11 months ago
11 months ago
11 months ago
11 months ago
10 months ago
11 months ago
10 months ago
10 months ago
11 months ago
11 months ago
12 months ago
11 months ago
11 months ago
1 year ago
12 months ago
11 months ago
12 months ago
12 months ago
12 months ago
1 year ago
12 months ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
1 year ago
1 year ago
2 years ago
1 year ago
2 years ago
2 years ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
1 year ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
2 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago