@aws-sdk/credential-provider-ini
Advanced tools
Package description
The @aws-sdk/credential-provider-ini package is a module that allows Node.js developers to load AWS credentials from INI-formatted files, such as the ones created by the AWS CLI. This package is part of the AWS SDK for JavaScript (v3) and is used to retrieve AWS credentials from local configuration files, enabling developers to authenticate AWS SDK calls.
Loading credentials from a shared INI file
This feature allows developers to load AWS credentials from a shared INI file, typically located at `~/.aws/credentials`. The `fromIni` function reads the file and returns the credentials for the default profile or a specified profile.
const { fromIni } = require('@aws-sdk/credential-provider-ini');
const credentials = fromIni();Specifying a custom profile
Developers can specify a custom profile to load credentials for a specific AWS account or role. This is useful when working with multiple AWS accounts or when different permissions are needed.
const { fromIni } = require('@aws-sdk/credential-provider-ini');
const credentials = fromIni({ profile: 'myCustomProfile' });Assuming a role with MFA
This feature supports assuming an IAM role that requires Multi-Factor Authentication (MFA). The `mfaCodeProvider` is a function that returns the MFA code, which is then used to assume the role.
const { fromIni } = require('@aws-sdk/credential-provider-ini');
const credentials = fromIni({
profile: 'myRoleProfile',
mfaCodeProvider: async () => '123456', // Replace with actual MFA code provider
});The original AWS SDK for JavaScript (v2) includes credential loading capabilities similar to @aws-sdk/credential-provider-ini. It allows loading credentials from INI files, but it is part of a larger package rather than a modular approach taken by the newer AWS SDK (v3).
This package provides utilities for working with AWS profiles stored in INI files. It offers similar functionality for loading credentials but is not officially maintained by AWS and may not have the same level of support or integration with the AWS SDK.
awscred is another npm package that can load AWS credentials from various sources, including INI files. It provides a simple interface for retrieving credentials but does not offer the modular, per-service approach of the AWS SDK (v3).
Readme
This module provides a function, fromSharedConfigFiles that will create
CredentialProvider functions that read from a shared credentials file at
~/.aws/credentials and a shared configuration file at ~/.aws/config. Both
files are expected to be INI formatted with section names corresponding to
profiles. Sections in the credentials file are treated as profile names, whereas
profile sections in the config file must have the format of[profile profile-name], except for the default profile. Please see the sample
files below for examples of well-formed configuration and
credentials files.
Profiles that appear in both files will not be merged, and the version that appears in the credentials file will be given precedence over the profile found in the config file.
You may customize how credentials are resolved by providing an options hash to
the fromSharedConfigFiles factory function. The following options are
supported:
profile - The configuration profile to use. If not specified, the provider
will use the value in the AWS_PROFILE environment variable or a default of
default.filepath - The path to the shared credentials file. If not specified, the
provider will use the value in the AWS_SHARED_CREDENTIALS_FILE environment
variable or a default of ~/.aws/credentials.configFilepath - The path to the shared config file. If not specified, the
provider will use the value in the AWS_CONFIG_FILE environment variable or a
default of ~/.aws/config.mfaCodeProvider - A function that returns a a promise fulfilled with an
MFA token code for the provided MFA Serial code. If a profile requires an MFA
code and mfaCodeProvider is not a valid function, the credential provider
promise will be rejected.roleAssumer - A function that assumes a role and returns a promise
fulfilled with credentials for the assumed role.~/.aws/credentials[default]
aws_access_key_id=foo
aws_secret_access_key=bar
[dev]
aws_access_key_id=foo2
aws_secret_access_key=bar2
[prod]
aws_access_key_id=foo3
aws_secret_access_key=bar3
~/.aws/config[default]
aws_access_key_id=foo
aws_secret_access_key=bar
[profile dev]
aws_access_key_id=foo2
aws_secret_access_key=bar2
[profile prod]
aws_access_key_id=foo3
aws_secret_access_key=bar3
[profile "testing host"]
aws_access_key_id=foo4
aws_secret_access_key=bar4
FAQs
AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config
The npm package @aws-sdk/credential-provider-ini receives a total of 18,568,496 weekly downloads. As such, @aws-sdk/credential-provider-ini popularity was classified as popular.
We found that @aws-sdk/credential-provider-ini demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).
Security News
LDAPjs, an LDAP Client and Server API for Node.js, was decommissioned after its maintainer received an abusive email from a user, raising concerns about this form of abuse as a potential attack vector.
Security News
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.