Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The aws-sdk npm package is the official AWS SDK for JavaScript, providing JavaScript objects for AWS services including Amazon S3, EC2, DynamoDB, and more. It allows developers to interact with AWS services programmatically, enabling them to build scalable solutions with AWS infrastructure.
Interacting with Amazon S3
This code sample demonstrates how to retrieve an object from an Amazon S3 bucket using the aws-sdk.
{"const AWS = require('aws-sdk');
const s3 = new AWS.S3();
const params = { Bucket: 'myBucket', Key: 'myKey' };
s3.getObject(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
Managing EC2 Instances
This code sample shows how to describe EC2 instances, providing information about instances running in your AWS account.
{"const AWS = require('aws-sdk');
const ec2 = new AWS.EC2();
const params = { InstanceIds: ['i-1234567890abcdef0'] };
ec2.describeInstances(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
Working with DynamoDB
This code sample illustrates how to retrieve an item from a DynamoDB table using the aws-sdk.
{"const AWS = require('aws-sdk');
const dynamoDB = new AWS.DynamoDB();
const params = {
TableName: 'myTable',
Key: {
'myKey': { S: 'myKeyValue' }
}
};
dynamoDB.getItem(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
The google-cloud package is a client library for accessing Google Cloud services similar to how aws-sdk accesses AWS services. It supports services like Google Cloud Storage, BigQuery, and more. While aws-sdk is specific to AWS, google-cloud is tailored for Google Cloud Platform.
The ali-oss package is an SDK for Alibaba Cloud's OSS (Object Storage Service). It offers a subset of the features provided by aws-sdk, but specifically for Alibaba Cloud's storage service. It's a more specialized tool compared to the broad service coverage of aws-sdk.
The official JavaScript implementation of the AWS SDK for Node.js.
The preferred way to install the AWS SDK for Node.js is to use the npm package manager for Node.js. Simply type the following into a terminal window:
npm install aws-sdk
After you've installed the SDK, you can require the AWS package in your node
application using require
:
var AWS = require('aws-sdk');
Here is a quick example that makes some requests against Amazon S3 with the SDK:
// Load the AWS SDK for Node.js
var AWS = require('aws-sdk');
/**
* Don't hard-code your credentials!
* Load them from disk or your environment instead.
*/
// AWS.config.update({accessKeyId: 'AKID', secretAccessKey: 'SECRET'});
// Instead, do this:
AWS.config.loadFromPath('./path/to/credentials.json');
// Set your region for future requests.
AWS.config.update({region: 'us-east-1'});
// Create a bucket using bound parameters and put something in it.
// Make sure to change the bucket name from "myBucket" to something unique.
var s3bucket = new AWS.S3({params: {Bucket: 'myBucket'}});
s3bucket.createBucket(function() {
var data = {Key: 'myKey', Body: 'Hello!'};
s3bucket.putObject(data, function(err, data) {
if (err) {
console.log("Error uploading data: ", err);
} else {
console.log("Successfully uploaded data to myBucket/myKey");
}
});
});
You can find a getting started guide at:
http://docs.amazonwebservices.com/nodejs/latest/dg/
The SDK currently supports the following services:
Service Name | Class Name | API Version |
---|---|---|
Amazon CloudFront | AWS.CloudFront | 2012-05-05 |
2013-05-12 | ||
Amazon CloudSearch | AWS.CloudSearch | 2011-02-01 |
Amazon CloudWatch | AWS.CloudWatch | 2010-08-01 |
Amazon DynamoDB | AWS.DynamoDB | 2011-12-05 |
2012-08-10 | ||
Amazon Elastic Compute Cloud | AWS.EC2 | 2013-07-15 |
Amazon Elastic MapReduce | AWS.EMR | 2009-03-31 |
Amazon Elastic Transcoder | AWS.ElasticTranscoder | 2012-09-25 |
Amazon ElastiCache | AWS.ElastiCache | 2013-06-15 |
Amazon Glacier | AWS.Glacier | 2012-06-01 |
Amazon Redshift | AWS.Redshift | 2012-12-01 |
Amazon Relational Database Service | AWS.RDS | 2013-01-10 |
2013-02-12 | ||
2013-05-15 | ||
Amazon Route 53 | AWS.Route53 | 2012-12-12 |
Amazon Simple Email Service | AWS.SES | 2010-12-01 |
Amazon Simple Notification Service | AWS.SNS | 2010-03-31 |
Amazon Simple Queue Service | AWS.SQS | 2012-11-05 |
Amazon Simple Storage Service | AWS.S3 | 2006-03-01 |
Amazon Simple Workflow Service | AWS.SimpleWorkflow | 2012-01-25 |
Amazon SimpleDB | AWS.SimpleDB | 2009-04-15 |
Auto Scaling | AWS.AutoScaling | 2011-01-01 |
AWS CloudFormation | AWS.CloudFormation | 2010-05-15 |
AWS Data Pipeline | AWS.DataPipeline | 2012-10-29 |
AWS Direct Connect | AWS.DirectConnect | 2012-10-25 |
AWS Elastic Beanstalk | AWS.ElasticBeanstalk | 2010-12-01 |
AWS Identity and Access Management | AWS.IAM | 2010-05-08 |
AWS Import/Export | AWS.ImportExport | 2010-06-01 |
AWS OpsWorks | AWS.OpsWorks | 2013-02-18 |
AWS Security Token Service | AWS.STS | 2011-06-15 |
AWS Storage Gateway | AWS.StorageGateway | 2012-06-30 |
AWS Support | AWS.Support | 2013-04-15 |
Elastic Load Balancing | AWS.ELB | 2012-06-01 |
This SDK is distributed under the Apache License, Version 2.0.
Copyright 2012. Amazon Web Services, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
FAQs
AWS SDK for JavaScript
The npm package aws-sdk receives a total of 8,627,016 weekly downloads. As such, aws-sdk popularity was classified as popular.
We found that aws-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.