
Research
/Security News
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack
Compromised intercom-client@7.0.4 npm package is tied to the ongoing Mini Shai-Hulud worm attack targeting developer and CI/CD secrets.
The AWS SDK for JavaScript v2 reached end-of-support on September 8, 2025. It will no longer receive updates or releases. Previously published versions are available on npm at aws-sdk, and source code remains on GitHub at aws/aws-sdk-js.
We recommend that you migrate to AWS SDK for JavaScript v3, which has been GA since December 2020. Here is why and how you should use it. You can try migration scripts in aws-sdk-js-codemod to migrate your application from v2 to v3.
To get help with your migration, please follow our general guidelines to open an issue. To give feedback on and report issues in the v3 repo, please refer to Giving feedback and contributing.
This SDK is distributed under the Apache License, Version 2.0; see LICENSE.txt and NOTICE.txt for more information.
The google-cloud package is a client library for accessing Google Cloud services similar to how aws-sdk accesses AWS services. It supports services like Google Cloud Storage, BigQuery, and more. While aws-sdk is specific to AWS, google-cloud is tailored for Google Cloud Platform.
The ali-oss package is an SDK for Alibaba Cloud's OSS (Object Storage Service). It offers a subset of the features provided by aws-sdk, but specifically for Alibaba Cloud's storage service. It's a more specialized tool compared to the broad service coverage of aws-sdk.
FAQs
AWS SDK for JavaScript
The npm package aws-sdk receives a total of 8,161,531 weekly downloads. As such, aws-sdk's popularity was classified as popular.
We found that aws-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.

Research
Socket detected a malicious supply chain attack on PyPI package lightning versions 2.6.2 and 2.6.3, which execute credential-stealing malware on import.

Research
A brand-squatted TanStack npm package used postinstall scripts to steal .env files and exfiltrate developer secrets to an attacker-controlled endpoint.