tessl/npm-aws-sdk--credential-providers
A collection of credential providers for AWS SDK, enabling authentication across different AWS environments and services
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
environment-credentials.mddocs/
Environment Variable Credentials
Environment variable credential provider reads AWS credentials from standard environment variables, making it the simplest credential source for development, testing, and CI/CD environments.
Capabilities
Environment Variable Provider
Creates a credential provider that reads from environment variables.
/**
* Create a credential provider that reads credentials from environment variables
* @param init - Optional initialization parameters
* @returns Promise-based credential provider function
*/
function fromEnv(init?: FromEnvInit): AwsCredentialIdentityProvider;
interface FromEnvInit {
/** Optional logger instance for debugging credential resolution */
logger?: Logger;
}Environment Variables
The provider reads the following environment variables:
- AWS_ACCESS_KEY_ID: The access key for your AWS account (required)
- AWS_SECRET_ACCESS_KEY: The secret key for your AWS account (required)
- AWS_SESSION_TOKEN: The session key for temporary credentials (optional)
- AWS_CREDENTIAL_EXPIRATION: Expiration time in ISO-8601 format for temporary credentials (optional)
Usage Examples:
import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
import { fromEnv } from "@aws-sdk/credential-providers";
// Basic usage
const client = new DynamoDBClient({
region: "us-east-1",
credentials: fromEnv()
});
// With logging
const clientWithLogging = new DynamoDBClient({
region: "us-east-1",
credentials: fromEnv({
logger: console
})
});Setting Environment Variables
Command Line (Unix/Linux/macOS):
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
export AWS_SESSION_TOKEN="AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE"Command Line (Windows):
set AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
set AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
set AWS_SESSION_TOKEN=AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAEDocker Environment:
ENV AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
ENV AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"Error Handling
The provider will reject with an error if:
AWS_ACCESS_KEY_IDis not set or contains a falsy valueAWS_SECRET_ACCESS_KEYis not set or contains a falsy valueAWS_CREDENTIAL_EXPIRATIONis set but contains an invalid ISO-8601 date format
import { fromEnv } from "@aws-sdk/credential-providers";
try {
const credentials = await fromEnv()();
console.log("Credentials loaded successfully");
} catch (error) {
console.error("Failed to load credentials from environment:", error.message);
}Temporary Credentials
When using temporary credentials (e.g., from AWS STS), include the session token:
export AWS_ACCESS_KEY_ID="ASIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
export AWS_SESSION_TOKEN="AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE"
# Optional expiration time
export AWS_CREDENTIAL_EXPIRATION="2023-12-31T23:59:59Z"Availability
- Node.js: ✅ Available
- Browser: ❌ Not available (environment variables are not accessible in browsers)
- React Native: ❌ Not available