CODEWITHSUNDEEP
amazon-web-servicesaws-sdkamazon-elastic-beanstalk
Sam Luther
Sam Luther

Reputation: 1190

How to set aws-sdk credentials using Elastic Beanstalk?

I'm running an express app in Elastic Beanstalk and in one route I'm using the aws-sdk to publish a notification to sns.

This works when running locally, but in the Elastic Beanstalk environment how would/could I set up the credentials 'myprofile'?

router.post('/publish', async (req, res) => {
  var AWS = require('aws-sdk')
  AWS.config.update({region: 'us-east-2'})
  // myprofile exists locally, but how do I deal with this in the elastic beanstalk environment?
  var credentials = new AWS.SharedIniFileCredentials({profile: 'myprofile'})
  AWS.config.credentials = credentials
  //...more stuff
})

Upvotes: 1

Views: 1875

Answers (1)

Alexandre Abreu
Alexandre Abreu

Reputation: 1417

You can use IAM instance profile to provide permissions to your ec2 instance, so when your application loads the SDK, the credentials passed will be automatically loaded.

Check this link https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts-roles.html - what you will need is the instance profile. In order to create a instance profile go to the IAM console > Roles, then choose the service EC2 as a service that can assume this role. Then attach the policies that your application needs calling (SNS stuff).

On the beanstalk settings, under security, you will be able to set the IAM instance profile that you just created - so the instances on this environment should have the role associated with it.

Your code should look like then:

router.post('/publish', async (req, res) => {
  var AWS = require('aws-sdk')
  AWS.config.update({region: 'us-east-2'})

  //...more stuff
})

Also check if you can require and set the region outside of the controller ;)

Upvotes: 2

Related Questions