Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
aws-os-connection
Advanced tools
Readme
AWS ES connection for the new OpenSearch client (@opensearch-project/opensearch)
Thanks to ChristopherGillis and as well as the contributors to the Acuris version of this library. I've simply added an action to release this updated OpenSearch version to NPM. I'll continue to maintain this as needed, though hopefully AWS intergrates this directly into their client at some point.
PRs/Issues welcome.
Just add this library with your favorite Node package manager. Examples below.
aws-sdk
and @opensearch-project/opensearch
are required peer dependencies for this library to function, so make sure you have both of those installed.
yarn add aws-os-connection aws-sdk @opensearch-project/opensearch
# or
npm install aws-os-connection aws-sdk @opensearch-project/opensearch
Javascript:
const { Client } = require('@opensearch-project/opensearch')
const { createAWSConnection, awsGetCredentials } = require('aws-os-connection')
const awsCredentials = await awsGetCredentials()
const AWSConnection = createAWSConnection(awsCredentials)
const client = new Client({
...AWSConnection,
node: 'https://node-name.eu-west-1.es.amazonaws.com'
})
// inside async func
await client.cat.help()
Typescript:
import { createAWSConnection, awsGetCredentials } from 'aws-os-connection'
import AWS from 'aws-sdk'
import { Client } from '@opensearch-project/opensearch'
const awsCredentials = await awsGetCredentials()
const AWSConnection = createAWSConnection(awsCredentials)
const client = new Client({
...AWSConnection,
node: 'https://node-name.eu-west-1.es.amazonaws.com'
})
// inside async func
await client.cat.help()
This package creates a Connection class that signs the requests to AWS OpenSearch and a Transport class that checks that the AWS credentials haven't expired before every call, and refreshes them when needed.
Make sure that your AWS credentials are available to your env, for example you could set them in your ENV.
You need a running AWS ES instance for the tests to run against. Set the endpoint URL as the env AWS_ES_ENDPOINT
.
AWS_ES_ENDPOINT=https://xxxx.es.amazonaws.com yarn test
This package has been tested on versions of the official OpenSearch client up to 2.0.0.
FAQs
AWS connection for the @opensearch-project/opensearch OpenSearch client
We found that aws-os-connection demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.