skip to Main Content

In my Nodejs app, I have been using aws-sdk (2.x) to get S3 objects. Below code works pretty fine.

const AWS = require("aws-sdk");
S3 = new AWS.S3({
        accessKeyId: 'actual_accessKeyId',
        secretAccessKey: 'actual_secretAccessKey',
        region: 'region',
        signatureVersion: "v4",
});


const listBucketContent = (filePath, bucketName) => {
    const params = { Bucket: bucketName, Prefix: filePath };
    return S3.listObjects(params).promise();
};

However, as you can see above, I use hardcoded accesskey and secretaccesskey.


I actually don’t want to use accesskey and secretAccesskey.

I have AWS SSO configured in my machine which looks something like below,

[profile AWS-XXX]
sso_start_url = https://XXX.XXX.com/start/#
sso_region = XXXXX
sso_account_id = XXXXXXXXXX
sso_role_name = XXXAdministratorAccess
region = XXXX

I want to use SSO directly but don’t seem to find any way or articles to use it with aws-sdk.

So how can get S3 objects using AWS SSO?

2

Answers


  1. An example for the aws-sdk for C# is documented in AWS Docs here.

    The equivalent of methods and class to use for AWS SDK for JavaScript v2. upcoming end of support for v2 so it’s better to use the v3

    but it seems that you need to do the login (manually or progrmatically) prior the execution of the code

    Login or Signup to reply.
  2. In SSO(The modern IAM), The key rotates every once in a while. You need to configure it only once with a role that you will assume during login and will correlate to the relevant account/environment/console you manage.
    Follow this configuration, You can configure the role to have a limited permissions.

    More documentation here:
    https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
    https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/getting-your-credentials.html

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search