node.js amazon-web-services amazon-s3 aws-credentials

Connect to AWS S3 bucket from Node.js app (persistent connection required)


I have a Node.js/Express app from which I want to connect to AWS S3.

I do have a temporary approach to make the connection:

environment file

aws_access_key_id=XXX
aws_secret_access_key=XXXX/
aws_session_token=xxxxxxxxxxxxxxxxxxxxxxxxxx

S3-connection-service.js

const AWS = require("aws-sdk");

AWS.config.update({
    accessKeyId: `${process.env.aws_access_key_id}`,
    secretAccessKey: `${process.env.aws_secret_access_key}`,
    sessionToken: `${process.env.aws_session_token}`,
    region: `${process.env.LOCAL_AWS_REGION}`
});

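const S3 = new AWS.S3();

// bucketName is not defined in the original snippet; reading it from an
// environment variable named S3_BUCKET_NAME is an assumption.
const bucketName = process.env.S3_BUCKET_NAME;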

module.exports = {
    listBucketContent: (filePath) =>
        new Promise((resolve, reject) => {
            const params = { Bucket: bucketName, Prefix: filePath };
            S3.listObjects(params, (err, objects) => {
                if (err) {
                    reject(err);
                } else {
                    resolve(objects);
                }
            });
        }),
       ....
       ....
 }

controller.js

   const fetchFile = require("../../S3-connection-service.js");

   const AWSFolder = await fetchFile.listBucketContent(filePath);

Fine, it works and I'm able to access S3 bucket files and play with them.

PROBLEM

The problem is that the connection is not persistent. Since I use session_token, the connection remains alive for some time, and after some time new tokens are generated; I have to copy-paste them into the env file and re-run the node app.

I really have no idea how I can make the connection persistent.

Where to store AWS confidential/secrets and how to use them to connect to S3 so the connection remains alive?


Solution

  • Just remove

    AWS.config.update({
        accessKeyId: `${process.env.aws_access_key_id}`,
        secretAccessKey: `${process.env.aws_secret_access_key}`,
        sessionToken: `${process.env.aws_session_token}`,
        region: `${process.env.LOCAL_AWS_REGION}`
    });
    

    code block from the Lambda source in the file S3-connection-service.js.

    Attach a role to the Lambda function with proper permissions. You will have the same functionality.

    For local development, you can set environment variables before testing your application.

    export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
    export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
    export AWS_DEFAULT_REGION=us-west-2
    

    https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html

    If you are using an IDE, you can set these environment variables in it.

    If you are testing from the CLI:

    $ AWS_ACCESS_KEY_ID=EXAMPLE AWS_SECRET_ACCESS_KEY=EXAMPLEKEY AWS_DEFAULT_REGION=us-west-2 npm start
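
A startup check for the credential setups discussed in the question and answer, as an added example that is not part of the original post or answer. The function name `auditCredentialEnv`, the source labels and all sample values are constructed for illustration; `AWS_LAMBDA_FUNCTION_NAME` is the variable the Lambda runtime sets for a running function.

```javascript
// Added example (not from the original post): report where credentials come from.
const STANDARD = ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"];

// Takes an env-like object (e.g. process.env) and returns { source, findings }.
function auditCredentialEnv(env) {
  const findings = [];
  // Variables such as the question's lowercase aws_access_key_id are not read
  // by the SDK's default provider chain; they only take effect through a
  // manual AWS.config.update(), which pins the client to those values.
  for (const name of Object.keys(env)) {
    if (!STANDARD.includes(name) && STANDARD.includes(name.toUpperCase())) {
      findings.push(`non-standard variable ${name}`);
    }
  }
  const hasKeyPair = Boolean(env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY);
  const hasToken = Boolean(env.AWS_SESSION_TOKEN);
  // Lambda sets this variable and supplies the execution role's credentials
  // through the standard variables itself, so nothing has to be pasted in.
  const inLambda = Boolean(env.AWS_LAMBDA_FUNCTION_NAME);

  let source;
  if (inLambda) {
    source = "lambda-execution-role";
  } else if (hasKeyPair && hasToken) {
    source = "env-temporary";
    findings.push("session token in environment expires and is not refreshed");
  } else if (hasKeyPair) {
    source = "env-long-lived";
    findings.push("long-lived access key in environment");
  } else {
    source = "default-chain"; // shared config file, container or instance role
  }
  return { source, findings };
}

// Constructed sample environments mirroring the setups discussed above.
const creds = {
  AWS_ACCESS_KEY_ID: "EXAMPLE",
  AWS_SECRET_ACCESS_KEY: "EXAMPLEKEY",
  AWS_SESSION_TOKEN: "EXAMPLETOKEN",
};
const samples = {
  question: { aws_access_key_id: "XXX", aws_secret_access_key: "XXXX", aws_session_token: "xxxx" },
  pastedToken: creds,
  lambda: { ...creds, AWS_LAMBDA_FUNCTION_NAME: "example-fn" },
};
for (const [name, env] of Object.entries(samples)) {
  console.log(name, auditCredentialEnv(env));
}
```

Calling `auditCredentialEnv(process.env)` at application start and logging the result shows whether the process depends on a pasted session token before that token expires.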