access my buckets in s3 through secret manager key without logging any crenditials in neither cli nor code.

Question

Hi there,

I am developing an Node.js Application. Where I want that only IAM role have permission to access S3 Bucket.

I need to do that without Secret key and access ID of IAM User. We store our Keys in Secret Manager.  I want to access my buckets in s3 through secret manager key without logging any crenditials in neither cli nor code.

any other way to access these in sdk?

Answer

Hi,

If I understand your question correctly, you want to know how you can access S3 without using credentials (Access key/secret key).

1. You can use AssumeRole API in your SDK, an example is available here : https://docs.aws.amazon.com/IAM/latest/UserGuide/example_sts_AssumeRole_section.html

2. If you have your credentials stored in secrets manager you can retrieve them without specifying them in your code or CLI. You will use AWS SDK for secrets manager API to specify the variables that stores your credentials. Refer to an example here : https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/manage-credentials-using-aws-secrets-manager.html

3. As you have a Node.js application, you can also consider deploying it with AWS amplify that has a storage plugin to access S3 buckets : https://docs.amplify.aws/lib/storage/getting-started/q/platform/js/

access my buckets in s3 through secret manager key without logging any crenditials in neither cli nor code.

Contenus pertinents