Loading credentials JSON with AWS SDK Results in Error

12,499

Solution 1

You can skip the credential configuration, if you have the env vars
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
The AWS SDK will read those vars by default

If you still want to go with loading credentials from file, check that credentials.json has valid JSON.

Regarding http://aws.amazon.com/sdkfornodejs/ should be something like

{ "accessKeyId": "akid", "secretAccessKey": "secret", "region": "us-west-2" }

Seems like you have access_id where it should be "accessKeyId" and private_key where it should be "secretAccessKey"

Solution 2

Found the answer to this. For some bizarre reason, Amazon uses different field names for credentials in Node vs. other frameworks (e.g. Ruby).

In Ruby, just the two first items are:

"access_id": "[Your AWS Access Key ID]",
"private_key": "[Your AWS Secret Access Key]",

While in Node.js, these same items are:

"accessKeyId": "[Your AWS Access Key ID]",
"secretAccessKey": "[Your AWS Secret Access Key]",

Changed the names in the credentials JSON to the latter and the error is gone. Why couldn't it be the same?

Share:
12,499

Related videos on Youtube

Praneeth Wanigasekera
Author by

Praneeth Wanigasekera

Updated on June 04, 2022

Comments

  • Praneeth Wanigasekera
    Praneeth Wanigasekera over 1 year

    I'm trying to load credentials for AWS with loadFromPath and getting an unexpected error. Hardcoding the same credentials with AWS.config.update works fine. To make sure the path and format of credentials file is correct I loaded the same with fs.readFile and it loads correctly, so there don't seem to be any path / permissions issues. This seems super basic but I've been pulling my hair out trying to resolve. Thanks for your help.

    The error / output:

        Here: /home/ec2-user/.ec2/credentials.json
        Got this through readFile: { access_id: 'XXXXXXX',
        private_key: 'XXXXXXX',
        keypair: 'praneethkey',
        'key-pair-file': '/home/ec2-user/.ec2/praneethkey.pem',
        region: 'us-west-2' }
    
        /home/ec2-user/node_modules/aws-sdk/lib/config.js:221
        if (err) throw err;
                       ^
      SyntaxError: Unexpected token <
        at Object.parse (native)
        at /home/ec2-user/node_modules/aws-sdk/lib/metadata_service.js:100:38
        at IncomingMessage.<anonymous> (/home/ec2-user/node_modules/aws-sdk/lib/metadata_service.js:75:43)
        at IncomingMessage.EventEmitter.emit (events.js:117:20)
        at _stream_readable.js:910:16
        at process._tickCallback (node.js:415:13)
    

    The code:

    'use strict';
    
    var AWS = require('aws-sdk');
    var fs = require('fs');
    
    var pathv = process.env.HOME + '/.ec2/credentials.json';
    
    AWS.config.loadFromPath(pathv);
    
    console.log('Here: ' + pathv);
    
    
    fs.readFile(pathv, 'utf8', function (err, data) {
      if (err) {
        console.log('Error: ' + err);
        return;
      }
      data = JSON.parse(data);
    
    console.log("Got this through readFile:",data);
    
  • Praneeth Wanigasekera
    Praneeth Wanigasekera over 10 years
    Thanks! That's exactly what was going on. I was using a credentials JSON example for AWS with Ruby and didn't realize that it was slightly different for Node.
  • andrew
    andrew over 9 years
    > Why couldn't it be the same? I don't know for sure, but most likely the difference is because standard JS naming practices are to use lowercaseCamelCase for simple variables and CapitalCamelCase for class names. Probably that if I had to guess.
  • trainoasis
    trainoasis over 7 years
    I have AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY set in .bash_profile but AWS SDK does not seem to recognize them. Any ideas perhaps ?
  • alfonsodev
    alfonsodev over 7 years
    @trainoasis make sure the vars are loaded in the environment execute env | grep AWS
  • trainoasis
    trainoasis over 7 years
    Yup, it's in there. Oh, idiot me. Node can probably read these vars, but plain JS can't, this solution doesn't apply. But with plain JS people need to log-in actually to authorize right? Or do you know of any other safe approaches? Thanks!
  • alfonsodev
    alfonsodev over 7 years
    ok, you mean from browser, then you would need to use signature v4 requests docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
  • trainoasis
    trainoasis over 7 years
    Indeed, will check the v4 requests - it seems like a lot of work - or am I wrong :)