CODEWITHSUNDEEP
amazon-web-servicesamazon-s3aws-sdk
sygi
sygi

Reputation: 4637

Using aws-sdk without credentials

I have an s3 bucket which is set to allow listing for the public. When I do:

aws s3 ls s3://bucket_name/prefix/ --no-sign-request

I manage to successfully list the bucket. I would like to list it within an application that uses aws-sdk for Node.js. There, I do:

import AWS from 'aws-sdk';
const s3 = new AWS.S3();
s3.listObjectsV2({Bucket: bucket_name, Prefix: prefix, Delimiter: "/"}, ...

but I get an error:

message: 'Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1',
2021-09-17T12:40:33.459881+00:00 app[web.1]:   code: 'CredentialsError',
2021-09-17T12:40:33.459881+00:00 app[web.1]:   errno: 'ECONNREFUSED',
2021-09-17T12:40:33.459882+00:00 app[web.1]:   syscall: 'connect',...
2021-09-17T12:40:33.459883+00:00 app[web.1]:   time: 2021-09-17T12:40:33.459Z,
2021-09-17T12:40:33.459884+00:00 app[web.1]:   originalError: 
2021-09-17T12:40:33.459884+00:00 app[web.1]:    { message: 'Could not load credentials from any providers',
2021-09-17T12:40:33.459884+00:00 app[web.1]:      code: 'CredentialsError',
2021-09-17T12:40:33.459884+00:00 app[web.1]:      errno: 'ECONNREFUSED',
2021-09-17T12:40:33.459885+00:00 app[web.1]:      syscall: 'connect',...
2021-09-17T12:40:33.459886+00:00 app[web.1]:      time: 2021-09-17T12:40:33.459Z,
2021-09-17T12:40:33.459886+00:00 app[web.1]:      originalError: 
2021-09-17T12:40:33.459886+00:00 app[web.1]:       { message: 'EC2 Metadata roleName request returned error',
2021-09-17T12:40:33.459887+00:00 app[web.1]:         code: 'ECONNREFUSED',
2021-09-17T12:40:33.459887+00:00 app[web.1]:         errno: 'ECONNREFUSED',
2021-09-17T12:40:33.459888+00:00 app[web.1]:         syscall: 'connect',... }

It looks as if the SDK is trying to get the credentials even though the resource is available without them. Is it possible to mark the request to be made without asking for credentials?

Upvotes: 6

Views: 3912

Answers (1)

Anon Coward
Anon Coward

Reputation: 10828

To prevent the SDK from requiring the credentials, you need to use the makeUnauthenticatedRequest method to place any calls. This allows you to call "an operation on a service with the given input parameters, without any authentication data".

var AWS = require('aws-sdk');
AWS.config.update({region: 'us-west-2'});
s3 = new AWS.S3();

s3.makeUnauthenticatedRequest(
    'listObjects', 
    { Bucket : '-example-bucket-name-', }, 
    function(err, data) {
        if (err) {
            console.log("Error", err);
        } else {
            console.log("Success", data);
        }
    }
);

Older versions of the SDK could accomplish the same thing calling send() after calling removeListener on the validate and sign listeners.

Upvotes: 7

Related Questions