I am encountering a "CredentialsProviderError" in my AWS Lambda function. The Lambda function is designed to interact with Amazon S3. The primary task of this Lambda function involves fetching a JSON file from a specified S3 bucket and responding with the retrieved data.
Despite having an IAM role associated with the function and the appropriate policies attached, the Lambda execution is failing to load credentials from any providers. This operation worked seamlessly when the Lambda function was utilizing AWS SDK v2. However, upon migrating to AWS SDK v3, the Lambda function encounters a "CredentialsProviderError."
The Lambda function does not explicitly set AWS SDK credentials, as it is expected to inherit them from the execution role.
Execution Role Trust Policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
IAM Policy Attached to Execution Role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*",
"s3-object-lambda:*"
],
"Resource": "*"
}
]
}
Hi Ben, thank you for your prompt response.
As I mentioned earlier, the Lambda function is quite straightforward. It simply retrieves a JSON file from an S3 bucket and returns the corresponding JSON response.
Thanks for sharing the code. Is there a particular reason why you need the credentials explicitly? You can just create the S3 Client without additional configuration. See https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html for
Please be also aware that as per documentation https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html, you normally don't need to use
fromNodeProviderChain
explicitly:Appreciate the detailed explanation! I initially faced issues with the default configuration of the S3 client, resulting in
Could not load credentials from any providers
error. To address this, I addedfromNodeProviderChain
as a precautionary measure. Interestingly, it didn't resolve the issue either.Hi, thanks for the quick response. Have you tried using the
@aws-sdk/credential-provider-node
instead. See also the comment on this question: https://repost.aws/questions/QUXMX9z9zCSb21qsnedFZQpg/having-trouble-converting-aws-node-sdk-v2-lambda-to-v3Tried using the
@aws-sdk/credential-provider-node
as well. Still getting the same error