We are using IAM role for s3 bucket . We are not using any secret key and access key for accessing image from s3. We want a way to access images from s3 using s3 javascript sdk.
答案 0 :(得分:1)
您需要设置STS并承担角色以获取访问AWS服务的临时凭据。
/* */
var params = {
DurationSeconds: 3600,
RoleArn: "arn:aws:iam::123456789012:role/demo",
RoleSessionName: "Bob"
};
sts.assumeRole(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
AssumedRoleUser: {
Arn: "arn:aws:sts::123456789012:assumed-role/demo/Bob",
AssumedRoleId: "ARO123EXAMPLE123:Bob"
},
Credentials: {
AccessKeyId: "AKIAIOSFODNN7EXAMPLE",
Expiration: <Date Representation>,
SecretAccessKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
SessionToken: "AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA=="
},
PackedPolicySize: 6
}
*/
});
http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/STS.html#assumeRole-property