Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (19.1k points)

Using the AWS SDK for JavaScript, I want to use a default profile that assumes the role. This works perfectly with the AWS CLI. Using node.js with the SDK does not assume the role, but only uses credentials to the AWS account that the access key belongs to. I've found this documentation but it does not deal with assuming a role: http://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/loading-node-credentials-shared.html

Any tips?

This is my config file:

[default]

role_arn = arn:aws:iam::123456789:role/Developer

source_profile = default

output = json

region = us-east-1

1 Answer

0 votes
by (44.4k points)

The CLI and SDK work differently, in that you must explicitly assume the role when using the SDK. The SDK doesn't automatically assume the role from the config as the CLI does.

After the role is assumed, the AWS.config must be updated with the new credentials.

This works for me:

var AWS = require('aws-sdk');

AWS.config.region = 'us-east-1';

var sts = new AWS.STS();

sts.assumeRole({

  RoleArn: 'arn:aws:iam::123456789:role/Developer',

  RoleSessionName: 'awssdk'

}, function(err, data) {

  if (err) { // an error occurred

    console.log('Cannot assume role');

    console.log(err, err.stack);

  } else { // successful response

    AWS.config.update({

      accessKeyId: data.Credentials.AccessKeyId,

      secretAccessKey: data.Credentials.SecretAccessKey,

      sessionToken: data.Credentials.SessionToken

    });

  }

});

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...