aws sdk for nodejs - 从 ChainableTemporaryCredentials object 获取凭证
[英]aws sdk for nodejs - getting credentials from ChainableTemporaryCredentials object
问题描述
I'm trying to use AWS nodejs sdk ChainableTemporaryCredentials class to get temporary credentials for a customer AWS account.
我正在尝试使用 AWS nodejs sdk ChainableTemporaryCredentials class获取客户 AWS 帐户的临时凭证。 Here is my code snippet:这是我的代码片段:
const credentials = new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Customer-Role"
},
masterCredentials: new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Automation-Role"
}
})
});
console.log("Credentials ", credentials.accessKeyId) //it prints undefined
const client = new S3({ credentials });
s3.listBuckets(function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data); // successful response with s3 buckets list is printed
});
My requirement is to get sts temporary accessKeyId, secretAccessKey and sessionToken variables from the credentials object above and pass them on to another nodejs module for further AWS actions.我的要求是从上面的credentials object 获取 sts 临时 accessKeyId、secretAccessKey 和 sessionToken 变量,并将它们传递给另一个 nodejs 模块以进行进一步的 AWS 操作。 However, I get undefined as value for all accessKeyId, secretAccessKey and sessionToken properties of credentials object.但是,对于凭据 object 的所有 accessKeyId、secretAccessKey 和 sessionToken 属性,我得到undefined的值。
I know the credentials object is getting the right values since I'm able to list the s3 buckets using those credentials.我知道凭据 object 正在获取正确的值,因为我能够使用这些凭据列出 s3 存储桶。
How can I get the temporary credentials generated by the ChainableTemporaryCredentials class?如何获取由 ChainableTemporaryCredentials class 生成的临时凭证?
Thanks.谢谢。
2 个解决方案
解决方案1
3 2021-05-10 10:09:39
or you can do it like this without wrapping manually with Promise.或者您可以这样做而无需使用 Promise 手动换行。
async function getAWSCredentials() {
const credentials = new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Customer-Role",
},
masterCredentials: new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Automation-Role",
},
}),
});
return credentials.getPromise();
}
解决方案2
1 已采纳 2020-12-29 00:25:30
I got it working by wrapping the credentials code in a Promise like this.我通过像这样将凭证代码包装在 Promise 中来使其工作。
let credentials
AWS.config.credentials = new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Customer-Role"
},
masterCredentials: new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::123456789:role/Test-Automation-Role"
}
})
});
let promise = new Promise((resolve, reject) => {
config.getCredentials(async (err) => {
if (err) {
console.error("Unable to load aws credentials", err.message);
reject(err);
} else {
credentials = {
accessKeyId: config.credentials.accessKeyId,
secretAccessKey: config.credentials.secretAccessKey,
sessionToken: config.credentials.sessionToken,
};
resolve(credentials);
}
});
});
credentials = await promise;
console.log("Credentials ", credentials);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.