Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@huaweicloud/huaweicloud-sdk-core
Advanced tools
English | 简体中文
The Huawei Cloud Node.js SDK allows you to easily work with Huawei Cloud services such as Elastic Compute Service (ECS) and Virtual Private Cloud (VPC) without the need to handle API related tasks.
This document introduces how to obtain and use Huawei Cloud Node.js SDK.
To use Huawei Cloud Node.js SDK, you must have Huawei Cloud account as well as the Access Key and Secret key of the Huawei Cloud account. You can create an Access Key in the Huawei Cloud console. For more information, see My Credentials.
To use Huawei Cloud Node.js SDK to access the APIs of specific service, please make sure you do have activated the service in Huawei Cloud console if needed.
Huawei Cloud Node.js SDK requires Node 10.16.1 or later.
The recommended way to install SDK is with npm.
You must depended on @huaweicloud/huaweicloud-sdk-core
library no matter which product/service development kit you
need to use. Take using Devstar SDK for example, you need to install @huaweicloud/huaweicloud-sdk-devstar
library:
npm install @huaweicloud/huaweicloud-sdk-core
npm install @huaweicloud/huaweicloud-sdk-devstar
{Service}Client
for DevStarClient
in actual use.{your ak string}
, {your sk string}
, {your endpoint}
, {your domain id}
and {your job id}
.import express = require('express');
import { DevStarClient } from "@huaweicloud/huaweicloud-sdk-devstar/v1/DevStarClient";
import { GlobalCredentials } from "@huaweicloud/huaweicloud-sdk-core/auth/GlobalCredentials";
import { ShowJobDetailRequest } from '@huaweicloud/huaweicloud-sdk-devstar/v1/model/ShowJobDetailRequest';
// Create a new express application instance
const app: express.Application = express();
app.get('/', function (req: any, res: { send: (arg0: string) => void; }) {
const client = DevStarClient.newBuilder()
.withCredential(new GlobalCredentials()
.withAk("{your ak string}")
.withSk("{your sk string}")
.withProjectId("{your project id}"))
.withEndpoint("{your endpoint}")
.withProxyAgent("")
.build();
const result = client.showJobDetail(new ShowJobDetailRequest("{your job id}"));
result.then(result => {
res.send("JSON.stringify(result)::" + JSON.stringify(result))
}).catch(ex => {
res.send("exception:" + JSON.stringify(ex))
});
});
app.listen(3000, function () {
console.log('Example app listening on port 3000!');
});
# Run command:
npm install ts-node-dev
npm install express
npm install typescript
# Add scripts:
"dev": "ts-node-dev ./index.ts"
# Run command:
npm run dev
# After commands above completed, you could enter `http://localhost:3000/` in your broswer to check the response
Detailed changes for each released version are documented in the CHANGELOG.md.
// Use default configuration
const client = DevStarClient.newBuilder()
// Use proxy if needed
client.withProxyAgent("http://username:password@proxy.huaweicloud.com:8080")
// Skip ssl certification checking while using https protocol if needed
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"
There are two types of Huawei Cloud services, regional
services and global
services.
Global services contain DevStar, IAM.
For Regional
services' authentication, projectId is required. For global
services' authentication, domainId is
required.
Parameter description
:
ak
is the access key ID for your account.sk
is the secret access key for your account.projectId
is the ID of your project depending on your region which you want to operate.domainId
is the account ID of HUAWEI CLOUD.securityToken
is the security token when using temporary AK/SK.You could use permanent AK plus SK or use temporary AK plus SK plus SecurityToken to complete credentials' configuration.
// Regional Services
const basicCredentials = new BasicCredentials()
.withAk(ak)
.withSk(sk)
.withProjectId(projectId)
// Global Services
const globalCredentials = new GlobalCredentials()
.withAk(ak)
.withSk(sk)
.withDomainId(domainId)
It's required to obtain temporary access key, security key and security token first, which could be obtained through permanent access key and security key or through an agency.
Obtaining a temporary access key token through permanent access key and security key, you could refer to
document: https://support.huaweicloud.com/en-us/api-iam/iam_04_0002.html . The API mentioned in the document above
corresponds to the method of CreateTemporaryAccessKeyByToken
in IAM SDK.
Obtaining a temporary access key and security token through an agency, you could refer to
document: https://support.huaweicloud.com/en-us/api-iam/iam_04_0101.html . The API mentioned in the document above
corresponds to the method of CreateTemporaryAccessKeyByAgency
in IAM SDK.
// Regional Services
const basicCredentials = new BasicCredentials()
.withAk(ak)
.withSk(sk)
.withSecurityToken(securityToken)
.withProjectId(projectId)
// Global Services
const globalCredentials = new GlobalCredentials()
.withAk(ak)
.withSk(sk)
.withSecurityToken(securityToken)
.withDomainId(domainId)
const client = DevStarClient.newBuilder()
.withCredential(globalCredentials)
.withEndpoint(endpoint)
.withProxyAgent(proxy)
.build()
where:
endpoint
varies with services and regions,
see Regions and Endpoints to obtain correct endpoint.const result = client.showJobDetail(new ShowJobDetailRequest("id"));
result.then(result => {
res.send("JSON.stringify(result)::" + JSON.stringify(result))
}).catch(ex => {
res.send("exception:" + JSON.stringify(ex))
});
In some situation, you may need to debug your http requests, original http request and response information will be needed. The SDK provides a listener function to obtain the original encrypted http request and response information.
:warning: Warning: The original http log information is used in debugging stage only, please do not print the original http header or body in the production environment. This log information is not encrypted and contains sensitive data such as the password of your ECS virtual machine, or the password of your IAM user account, etc. When the response body is binary content, the body will be printed as "***" without detailed information.
Set the environment variable process.env.DEBUG to enable debug log printing.
3.0.37-rc 2022-04-14
ip_eq
to the interface ListServersDetails
encrypted_user_data
to the interface UpdateFunctionConfig
RunModerationAudio
FAQs
Core code for Huaweicloud SDK for Node.js
The npm package @huaweicloud/huaweicloud-sdk-core receives a total of 1,224 weekly downloads. As such, @huaweicloud/huaweicloud-sdk-core popularity was classified as popular.
We found that @huaweicloud/huaweicloud-sdk-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.