Class: AWS.SharedIniFileCredentials

Inherits:
AWS.Credentials show all
Defined in:
lib/credentials/shared_ini_file_credentials.js

Overview

Note:

This feature is not supported in the browser environment of the SDK.

Represents credentials loaded from shared credentials file (defaulting to ~/.aws/credentials or defined by the AWS_SHARED_CREDENTIALS_FILE environment variable).

Using the shared credentials file

This provider is checked by default in the Node.js environment. To use the credentials file provider, simply add your access and secret keys to the ~/.aws/credentials file in the following format:

[default]
aws_access_key_id = AKID...
aws_secret_access_key = YOUR_SECRET_KEY

Using custom profiles

The SDK supports loading credentials for separate profiles. This can be done in two ways:

  1. Set the AWS_PROFILE environment variable in your process prior to loading the SDK.
  2. Directly load the AWS.SharedIniFileCredentials provider:
var creds = new AWS.SharedIniFileCredentials({profile: 'myprofile'});
AWS.config.credentials = creds;

Constructor Summary

Property Summary

Properties inherited from AWS.Credentials

expired, expireTime, accessKeyId, secretAccessKey, sessionToken, expiryWindow

Method Summary

Methods inherited from AWS.Credentials

needsRefresh, get, getPromise, refreshPromise

Constructor Details

new AWS.SharedIniFileCredentials(options) ⇒ void

Creates a new SharedIniFileCredentials object.

Parameters:

  • options (map)

    a set of options

Options Hash (options):

  • profile (String) — default: AWS_PROFILE env var or 'default'

    the name of the profile to load.

  • filename (String) — default: '~/.aws/credentials' or defined by AWS_SHARED_CREDENTIALS_FILE process env var

    the filename to use when loading credentials.

  • disableAssumeRole (Boolean) — default: false

    True to disable support for profiles that assume an IAM role. If true, and an assume role profile is selected, an error is raised.

  • preferStaticCredentials (Boolean) — default: false

    True to prefer static credentials to role_arn if both are present.

  • tokenCodeFn (Function) — default: null

    Function to provide STS Assume Role TokenCode, if mfa_serial is provided for profile in ini file. Function is called with value of mfa_serial and callback, and should provide the TokenCode or an error to the callback in the format callback(err, token)

  • callback (Function) — default: err

    Credentials are eagerly loaded by the constructor. When the callback is called with no error, the credentials have been loaded successfully.

  • httpOptions (map)

    A set of options to pass to the low-level HTTP request. Currently supported options are: * proxy [String] — the URL to proxy requests through * agent [http.Agent, https.Agent] — the Agent object to perform HTTP requests with. Used for connection pooling. Defaults to the global agent (http.globalAgent) for non-SSL connections. Note that for SSL connections, a special Agent object is used in order to enable peer certificate verification. This feature is only available in the Node.js environment. * connectTimeout [Integer] — Sets the socket to timeout after failing to establish a connection with the server after connectTimeout milliseconds. This timeout has no effect once a socket connection has been established. * timeout [Integer] — Sets the socket to timeout after timeout milliseconds of inactivity on the socket. Defaults to two minutes (120000).

Method Details

refresh(callback) ⇒ void

Loads the credentials from the shared credentials file

Callback (callback):

  • function(err) { ... }

    Called after the shared INI file on disk is read and parsed. When this callback is called with no error, it means that the credentials information has been loaded into the object (as the accessKeyId, secretAccessKey, and sessionToken properties).

    Parameters:

    • err (Error)

      if an error occurred, this value will be filled

See Also:

  • AWS.SharedIniFileCredentials.get