A simple Node application that lists the files in an S3 Bucket, and allows new files to be uploaded. This application services primarily as a demonstration of how to configure an application that can communicate with S3 services using credentials and configuration specified by environment variables.
- Node version 8 or later
- An existing S3 Bucket
- An AWS IAM User that has the
ListObjects
andPutObject
permissions on that bucket.
- Clone this application using Git:
git clone [email protected]:FountainheadTechnologies/node-s3-demo-app.git
- Install the application dependencies using NPM:
npm install
- Start the application, specifying the name of the S3 bucket to use as an environment variable:
env S3_BUCKET_NAME=INSERT_YOUR_BUCKET_NAME_HERE npm start
The application does not explicitly provide any credentials to the underlying S3 library that is used to list and upload objects in a Bucket. Instead, the library uses the standard method of resolving credentials:
- Use the
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
environment variables if they have been set. - Use AWS CLI configuration from
~/.aws/credentials
if it is present. - Attempt to use the EC2 Instance Profile if it has been configured.
Therefore, in order to use an explicit set of credentials, use environment variables like so:
env S3_BUCKET_NAME=INSERT_YOUR_BUCKET_NAME_HERE AWS_ACCESS_KEY_ID=INSERT_YOUR_ACCESS_KEY_ID_HERE AWS_SECRET_ACCESS_KEY=INSERT_YOUR_SECRET_ACCESS_KEY_HERE npm start
This approach is useful for debugging or experimenting, but highly discouraged for production scenarios, as your credentials will be stored in your shell history.
Even if you were to automate the insertion of the variables, they still need to reside on the machine somewhere.
Therefore, the best approach, at least when running on an EC2 Instance, is to use EC2 Instance Profiles.