Security News
Django Joins curl in Pushing Back on AI Slop Security Reports
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
By Sarah Gooding - Jun 30, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
aws-elasticsearch-js
Advanced tools
AWS Elasticsearch
Use Elastic's official elasticsearch-js with Amazon Elasticsearch.
Install
npm i aws-elasticsearch-js
Usage
const elasticsearch = require('@elastic/elasticsearch');
const { createConnector } = require('aws-elasticsearch-js');
const region = process.env.AWS_REGION || 'us-east-1';
const domain = 'https://domain-1-abc123.region.es.amazonaws.com/';
const client = new elasticsearch.Client({
nodes: [ domain ],
Connection: createConnector({ region })
});
// use in the normal way
async function example() {
await client.index({ index: 'test', doc: { test: 'hello' } });
await client.indices.refresh();
let result = await client.search({ index: 'test' });
}
example();
Credentials
The connector will use AWS credentials from the environment.
If you have another method of loading / refreshing credentials, you can pass them using getCreds:
// heads up: this is called on every request
const getCreds = cb => {
// load creds from somewhere...
const credentials = { accessKeyId, secretAccessKey };
// or credentials = { sessionToken }
const err = null; // if you give an error, the request will abort
cb(err, credentials);
};
createConnector({ region, getCreds });
Options
// options and example values
const options = {
region: 'us-east-1', // AWS region (defaults to process.env.AWS_REGION)
getCreds: cb => cb(err, credentials) // see above
};
createConnector(options);
Test
# make sure aws creds are defined in the environment
AWS_REGION=us-east-1 \
AWS_ES_DOMAIN=https://domain-1-abc123.region.es.amazonaws.com/ \
npm test
Troubleshooting
If you get status code 403:
- check your code is running with the right role / aws access credentials.
- make sure your role / user is authorised in the domain's access policy, or choose "allow open access to the domain" if your domain is in VPC.
- make sure you've allowed your user/role if you're using aws elasticsearch's security and access management.
- One quick way to do this is go to Kibana > Security > roles > all_access > mapped users > manage mapping > users/backend roles and add the ARNs there.
FAQs
Use elasticsearch-js with Amazon ES
The npm package aws-elasticsearch-js receives a total of 2,948 weekly downloads. As such, aws-elasticsearch-js popularity was classified as popular.
We found that aws-elasticsearch-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 Apr 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
By Sarah Gooding - Jun 26, 2025
Security News
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
By Sarah Gooding - Jun 25, 2025