![Maven Central Adds Sigstore Signature Validation](https://cdn.sanity.io/images/cgdhsj6q/production/7da3bc8a946cfb5df15d7fcf49767faedc72b483-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
#Node.js library for the Amazon Web Services
A simple Node.js library to communicate with the Amazon Web Services API.
It includes clients for the following services:
Richard Rodger maintains a user-friendly SimpleDB library which is based on aws-lib.
The following snippet implements an ec2 client and makes a call to DescribeInstances
var aws = require("aws-lib");
ec2 = aws.createEC2Client(yourAccessKeyId, yourSecretAccessKey);
ec2.call("DescribeInstances", {}, function(err, result) {
console.log(result);
})
Which returns a JSON response similar to:
[...]
{"item":{
"instanceId":"i-acb2d1db","imageId":"ami-03765c77",
"instanceState": {"code":"80","name":"stopped"},
"privateDnsName":{},"dnsName":{},
"reason":"User initiated (2010-07-28 19:37:54 GMT)"
[...]
Another example, using Product Advertising API:
var prodAdv = aws.createProdAdvClient(yourAccessKeyId, yourSecretAccessKey, yourAssociateTag);
var options = {SearchIndex: "Books", Keywords: "Javascript"}
prodAdv.call("ItemSearch", options, function(err, result) {
console.log(result);
})
Will return a long list of books.
Most clients, such as ec2, ses, simpledb, etc. accept an optional third parameter options
which should be an object of options used to instantiate the client. For example, the ec2 client could be instantiated with an options object like:
ec2 = aws.createEC2Client(yourAccessKeyId, yourSecretAccessKey, {version: '2010-08-31'});
which would instantiate the ec2 client, but using the 2010-08-31 API version.
The example below shows how you can filter results using one of the list of filters documented in the AWS API docs. See the library code for each service to learn about other possible options.
var options = {
host: "ec2.eu-west-1.amazonaws.com", // use a different region to the default
version: "2010-08-31"
};
ec2 = aws.createEC2Client(yourAccessKeyId, yourSecretAccessKey, options);
// create a filter for instances with `mytagname = mytagvalue`
var params = {
"Filter.1.Name": "tag:mytagname",
"Filter.1.Value.1": "mytagvalue"
}
ec2.call("DescribeInstances", params, function(err, result) {
console.log(result);
})
For more examples have a look at /examples and /test.
If you use aws-lib on EC2s it is necessary to distribute your AWS API access key and secret id to each EC2 in order to authenticate requests. IAM Roles removes the need to manually distribute your AWS API access key and secret id to EC2s. Create an IAM role(s) and assign to your EC2s (CloudFormation supports IAM Roles). An access key, secret id, and token will then be provided on the EC2 metadata API. You can then use aws-lib without passing in any credentials to API clients. For example:
var aws = require("aws-lib");
ec2 = aws.createEC2Client(); // Notice no access key nor secret id passed in to client
ec2.call("DescribeInstances", {}, function(err, result) {
console.log(JSON.stringify(result));
});
If no access key or secret id are passed in to the client, aws-lib will attempt to look up the credentials from the EC2 metadata API. The metadata API can also be used like other aws-lib API clients, such as:
var aws = require("aws-lib");
var md = aws.createMetaDataClient();
md.call({endpoint: "instance-id"}, function(err, res) {
console.log(res); // outputs this EC2's instance-id.
});
In order to run the tests you need to copy "test/credentials_template.js" to "test/credentials.js" and add your access key and secret.
credentials.js is part of .gitignore so you don't have to worry about accidentially commiting your secret.
To run the tests execute:
npm test
At livelycode we currently can't invest enough time to merge and test all new contributions. So our friends at mapbox offered to jump in and help maintain this library. We have granted Ian Ward commit access to this repository.
aws-lib is designed to be easily extensible.
If you want to add support for a service, have a look at an existing client and simply follow the pattern.
When submitting a pull request please add a test for at least one API call.
Many thanks to the following people who have contributed so far (ordered by number of commits):
Mirko Kiefer
Paul Bonser
Bernhard K. Weisshuhn
Kent
David Valentiate
Richard Rodger
Sean Coates
john
Jonathan Leibiusky
Matt Duncan
Cameron Gray
Bryon
nagoodman
Blake Matheny
Van Nguyen
Ian Ward
Johannes Auer
Chris Castle
Mike MacCana
FAQs
Extensible Node.js library for the Amazon Web Services API
The npm package aws-lib receives a total of 427 weekly downloads. As such, aws-lib popularity was classified as not popular.
We found that aws-lib demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.