I am trying to configure the AWS JavaScript SDK for use with Node.js. I am trying to establish connectivity between a React app running locally, and a Lambda, using the @aws-sdk/client-lambda and @aws-sdk/credential-providers packages. I am following this AWS documentation to configure my Lambda client: https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html .
I am creating a session token using the AWS CLI, with the command:
aws cli login -s, and then selecting my preferred IAM role. The output of this command is:
Assuming role arn:aws:iam::1234567890:role/12345-my-role-name as NAEAST\MyUserID on app-dev-12345-myorg (1234567890) in region us-east-1...
According to the docs, I should be able to use the default provider chain to access this token that I just created:
AWS SDK for JavaScript V3 provides a default credential provider chain in Node.js, so you are not required to supply a credential provider explicitly. The default credential provider chain attempts to resolve the credentials from a variety of different sources in a given precedence, until a credential is returned from the one of the sources. You can find the credential provider chain for SDK for JavaScript V3 here.
I am assuming this default provider chain is the fromNodeProviderChain. The code they give to use this credential provider is:
import { fromNodeProviderChain } from "@aws-sdk/credential-providers"; // ES6 import
// const { fromNodeProviderChain } = require("@aws-sdk/credential-providers") // CommonJS import
const credentialProvider = fromNodeProviderChain({
//...any input of fromEnv(), fromSSO(), fromTokenFile(), fromIni(),
// fromProcess(), fromInstanceMetadata(), fromContainerMetadata()
// Optional. Custom STS client configurations overriding the default ones.
clientConfig: { region },
});
I add this to my bare-bones React app, like so:
import { LambdaClient, InvokeCommand } from '@aws-sdk/client-lambda';
import { fromNodeProviderChain } from '@aws-sdk/credential-providers';
const HomePage = () => {
const region = 'us-east-1';
const credentialProvider = fromNodeProviderChain({
//...any input of fromEnv(), fromSSO(), fromTokenFile(), fromIni(),
// fromProcess(), fromInstanceMetadata(), fromContainerMetadata()
// Optional. Custom STS client configurations overriding the default ones.
clientConfig: { region },
});
const config = {
region,
credentials: credentialProvider
};
const client = new LambdaClient(config);
...
...
...
However, I get an error like this:
Uncaught SyntaxError: The requested module '/node_modules/.vite/deps/@aws-sdk_credential-providers.js?t=1708529564599&v=0778e0cf does not provide an export named 'fromNodeProviderChain' (Home.tsx:4:10)
What is going on here? I am able to import the Lambda client using ES6 syntax, so that is not the issue. I am also able to import other credential providers from the @aws-sdk/credential-providers package, such as:
import { fromCognitoIdentity } from '@aws-sdk/credential-providers';
import { fromTemporaryCredentials } from '@aws-sdk/credential-providers'; // ES6 import
These do not throw an import error.
I would very much like to use fromNodeProviderChain because that seems by far the easiest to set up, and it should be able to grab my session token.
Ok, so was misunderstanding what the docs meant by 'Node app' and 'browser.' I assumed that because React uses Node.js, it is a 'Node app' in this context but it is actually just a 'browser' app. The docs are quite clear that fromNodeProviderChain is not usable in a browser app. This is the issue.
For local development purposes, I am using a workaround like the ones described here: Can't export fromIni from @aws-sdk/credential-providers . When I deploy this app, I intend to use AWS Cognito.