Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
aws-sdk
Advanced tools
The aws-sdk npm package is the official AWS SDK for JavaScript, providing JavaScript objects for AWS services including Amazon S3, EC2, DynamoDB, and more. It allows developers to interact with AWS services programmatically, enabling them to build scalable solutions with AWS infrastructure.
Interacting with Amazon S3
This code sample demonstrates how to retrieve an object from an Amazon S3 bucket using the aws-sdk.
{"const AWS = require('aws-sdk');
const s3 = new AWS.S3();
const params = { Bucket: 'myBucket', Key: 'myKey' };
s3.getObject(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
Managing EC2 Instances
This code sample shows how to describe EC2 instances, providing information about instances running in your AWS account.
{"const AWS = require('aws-sdk');
const ec2 = new AWS.EC2();
const params = { InstanceIds: ['i-1234567890abcdef0'] };
ec2.describeInstances(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
Working with DynamoDB
This code sample illustrates how to retrieve an item from a DynamoDB table using the aws-sdk.
{"const AWS = require('aws-sdk');
const dynamoDB = new AWS.DynamoDB();
const params = {
TableName: 'myTable',
Key: {
'myKey': { S: 'myKeyValue' }
}
};
dynamoDB.getItem(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});"}
The google-cloud package is a client library for accessing Google Cloud services similar to how aws-sdk accesses AWS services. It supports services like Google Cloud Storage, BigQuery, and more. While aws-sdk is specific to AWS, google-cloud is tailored for Google Cloud Platform.
The ali-oss package is an SDK for Alibaba Cloud's OSS (Object Storage Service). It offers a subset of the features provided by aws-sdk, but specifically for Alibaba Cloud's storage service. It's a more specialized tool compared to the broad service coverage of aws-sdk.
The official AWS SDK for JavaScript, available for browsers and mobile devices, or Node.js backends
For release notes, see the CHANGELOG. Prior to v2.4.8, release notes can be found at https://aws.amazon.com/releasenotes/?tag=releasenotes%23keywords%23javascript
If you are upgrading from 1.x to 2.0 of the SDK, please see the upgrading notes for information on how to migrate existing code to work with the new major version.
To use the SDK in the browser, simply add the following script tag to your HTML pages:
<script src="https://sdk.amazonaws.com/js/aws-sdk-2.431.0.min.js"></script>
You can also build a custom browser SDK with your specified set of AWS services. This can allow you to reduce the SDK's size, specify different API versions of services, or use AWS services that don't currently support CORS if you are working in an environment that does not enforce CORS. To get started:
http://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/building-sdk-for-browsers.html
The AWS SDK is also compatible with browserify.
For browser-based web, mobile and hybrid apps, you can use AWS Amplify Library which extends the AWS SDK and provides an easier and declarative interface.
The preferred way to install the AWS SDK for Node.js is to use the npm package manager for Node.js. Simply type the following into a terminal window:
npm install aws-sdk
To use the SDK in a react native project, first install the SDK using npm:
npm install aws-sdk
Then within your application, you can reference the react native compatible version of the SDK with the following:
var AWS = require('aws-sdk/dist/aws-sdk-react-native');
Alternatively, you can use AWS Amplify Library which extends AWS SDK and provides React Native UI components and CLI support to work with AWS services.
You can also use Bower to install the SDK by typing the following into a terminal window:
bower install aws-sdk-js
You can find a getting started guide at:
http://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide
The AWS SDK for JavaScript bundles TypeScript definition files for use in TypeScript projects and to support tools that can read .d.ts
files.
Our goal is to keep these TypeScript definition files updated with each release for any public api.
Before you can begin using these TypeScript definitions with your project, you need to make sure your project meets a few of these requirements:
Use TypeScript v2.x
Includes the TypeScript definitions for node. You can use npm to install this by typing the following into a terminal window:
npm install --save-dev @types/node
If you are targeting at es5 or older ECMA standards, your tsconfig.json
has to include 'es5'
and 'es2015.promise'
under compilerOptions.lib
.
See tsconfig.json for an example.
To use the TypeScript definition files with the global AWS
object in a front-end project, add the following line to the top of your JavaScript file:
/// <reference types="aws-sdk" />
This will provide support for the global AWS
object.
To use the TypeScript definition files within a Node.js project, simply import aws-sdk
as you normally would.
In a TypeScript file:
// import entire SDK
import AWS = require('aws-sdk');
// import AWS object without services
import AWS = require('aws-sdk/global');
// import individual service
import S3 = require('aws-sdk/clients/s3');
In a JavaScript file:
// import entire SDK
var AWS = require('aws-sdk');
// import AWS object without services
var AWS = require('aws-sdk/global');
// import individual service
var S3 = require('aws-sdk/clients/s3');
To create React applications with AWS SDK, you can use AWS Amplify Library which provides React components and CLI support to work with AWS services.
Due to the SDK's reliance on node.js typings, you may encounter compilation issues when using the typings provided by the SDK in an Angular project created using the Angular CLI.
To resolve these issues, either add "types": ["node"]
to the project's tsconfig.app.json
file, or remove the "types"
field entirely.
AWS Amplify Library provides Angular components and CLI support to work with AWS services.
There are a few known limitations with the bundled TypeScript definitions at this time:
apiVersion
, regardless of which apiVersion
is specified when creating a client.any
type.Please use these community resources for getting help. We use the GitHub issues for tracking bugs and feature requests and have limited bandwidth to address them.
aws-sdk-js
If you encounter a bug with the AWS SDK for JavaScript we would like to hear about it. Search the existing issues and try to make sure your problem doesn’t already exist before opening a new issue. It’s helpful if you include the version of the SDK, Node.js or browser environment and OS you’re using. Please include a stack trace and reduced repro case when appropriate, too.
The GitHub issues are intended for bug reports and feature requests. For help and questions with using the AWS SDK for JavaScript please make use of the resources listed in the Getting Help section. There are limited resources available for handling issues and by keeping the list of open issues lean we can respond in a timely manner.
Please see SERVICES.md for a list of supported services.
This SDK is distributed under the Apache License, Version 2.0, see LICENSE.txt and NOTICE.txt for more information.
2.431.0
FAQs
AWS SDK for JavaScript
The npm package aws-sdk receives a total of 7,604,941 weekly downloads. As such, aws-sdk popularity was classified as popular.
We found that aws-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.