Amazon Web Services

  • npm i @pi-r/aws

Storage

Interface

import type { ConfigurationOptions } from "aws-sdk/lib/core";

interface AWSStorage extends CloudStorage {
    service: "aws";
    credential: string | AWSStorageCredential;
    bucket: string;
}

interface AWSStorageCredential extends ConfigurationOptions {
    profile?: string;
    fromPath?: string;
}

Authentication

using process.env
AWS_ACCESS_KEY_ID = "";
AWS_SECRET_ACCESS_KEY = "";
AWS_SESSION_TOKEN = ""; // Optional

AWS_SDK_LOAD_CONFIG = "<any>"; // AWS.SharedIniFileCredentials
AWS_SHARED_CREDENTIALS_FILE = "<default>"; // Default is "~/.aws/credentials"
AWS_PROFILE = "<default>";

AWS_WEB_IDENTITY_TOKEN_FILE = ""; // AWS.TokenFileWebIdentityCredentials

AWS_CONTAINER_CREDENTIALS_RELATIVE_URI = ""; // AWS.RemoteCredentials
AWS_CONTAINER_CREDENTIALS_FULL_URI = "";
{
  "dataSource": {
    "credential": "main", // squared.cloud.json
    /* OR */
    "credential": {
      "accessKeyId": "**********",
      "secretAccessKey": "**********",
      "region": "ap-northeast-1",
      "sessionToken": ""
    },
    /* OR */
    "credential": {
      "profile": "work-account"
    },
    /* OR */
    "credential": {
      "fromPath": "./config.json" // Current request only (read permission)
    }
  }
}

Example usage

{
  "selector": "html", // Any resource
  "cloudStorage": [{
    "service": "aws",
    "bucket": "nodejs-001",
    "credential": {/* Authentication */},
    "admin": {
      "publicRead": true, // Bucket + uploaded objects
      /* OR */
      "publicRead": 1, // Bucket only (s3::ListBucket*)
      /* OR */
      /* Will modify existing bucket (equivalent policy) + uploaded objects */
      "acl": "private", // Canned ACL - Bucket

      "configBucket": {
        "policy": {
          "Policy": "", // s3.putBucketPolicy
          /* OR */
          "ACL": "authenticated-read", // s3.putBucketAcl
          /* OR */
          "PublicAccessBlockConfiguration": { // s3.putPublicAccessBlock
            "BlockPublicAcls": false,
            "BlockPublicPolicy": false,
            "IgnorePublicAcls": false,
            "RestrictPublicBuckets": false
          }
        },
        "tags": { // s3.putBucketTagging
          "Tagging": {
            "TagSet": [{
              "Key": "key_1",
              "Value": "value_1"
            }]
          }
        },
        "tags": { // s3.deleteBucketTagging
          "Tagging": {
            "TagSet": []
          }
        },
        "website": { // s3.putBucketWebsite
          "indexPage": "index.html", // IndexDocument
          "errorPage": "404.html" // ErrorDocument
        },
        /* During call to "upload" */
        "create": { // s3.createBucket
          "ACL": "public-read",
          "CreateBucketConfiguration": {
            "LocationConstraint": "ap-northeast-3"
          }
        },
        "cors": {
          "CORSRules": [/* Rule */], // s3.putBucketCors{CORSConfiguration}
          "CORSRules": [] // s3.deleteBucketCors
        },
        "lifecycle": {
          "Rules": [/* Rule */], // s3.putBucketLifecycleConfiguration{LifecycleConfiguration}
          "Rules": [] // s3.deleteBucketLifecycle
        },
        "retentionPolicy": {/* DefaultRetention */} // s3.putObjectLockConfiguration{ObjectLockConfiguration[Rule]}
      }
    },
    "upload": { // s3.upload
      "publicRead": true, // Will overwrite primary options.ACL
      /* OR */
      "acl": "private" // Canned ACL - Object

      "options": { // PutObjectRequest
        "ContentType": "text/html", // Primary object only
        "ACL": "private", // All objects
        "Metadata": {/* Record<string, string> */}, // All objects except when "metadata" is defined
        "ExpectedBucketOwner": ""
      },

      "chunkSize": "5mb", // Same as "partSize"
      "chunkLimit": 4, // Same as "queueSize"

      /* Primary object only */
      "metadata": {
        "Content-Type": "text/html; charset=UTF-8",
        "Content-Encoding": "gzip",
        "Expires": "Wed, 21 Oct 2015 07:28:00 GMT"
      },
      "tags": { // s3.putObjectTagging{TagSet}
        "key_1": "value",
        "key_2": "value"
      },
      "tags": {}, // s3.deleteObjectTagging
      "tags": false
    },
    "download": {
      /* s3.getObject */
      "options": { // GetObjectRequest
        "ExpectedBucketOwner": "",
        "IfMatch": ""
      }
      /* Same as interface */
    }
  }]
}

Database

Interface

import type { ServiceConfigurationOptions } from "aws-sdk/lib/service";
import type { BatchGetItemInput, Key, QueryInput, ScanInput, UpdateItemInput } from "aws-sdk/clients/dynamodb";

interface AWSDatabaseQuery extends CloudDatabase {
    source: "cloud";
    service: "aws";
    credential: string | AWSDatabaseCredential;
    key?: string | Key;
    query?: QueryInput | Key[];
    params?: BatchGetItemInput | ScanInput;
    options?: Record<string, unknown>;
    update?: UpdateItemInput;
}

interface AWSDatabaseCredential extends AWSStorageCredential, ServiceConfigurationOptions {/* Empty */}

Authentication

/* Same as Storge */

AWS_REGION = "";
{
  "dataSource": {
    "credential": "main", // squared.cloud.json
    /* OR */
    "credential": {/* Same as Storage */}
  }
}

Example usage

{
  "selector": "h1",
  "type": "text",
  "dataSource": {
    "source": "cloud",
    "service": "aws",
    "credential": {/* Authentication */},
    "table": "demo",

    "query": { // db.query
      "KeyConditionExpression": "#name = :value",
      "ExpressionAttributeNames": { "#name": "id" },
      "ExpressionAttributeValues": { ":value": "1" }
    },
    /* OR */
    "query": [{ "name": { "S": "value" } }], // db.batchGet{BatchGetItemInput[RequestItems]}
    "query": "<empty>", // db.scan
    "params": { // BatchGetItemInput | ScanInput
      "ProjectionExpression": "name"
    },
    /* OR */
    "key": { // db.get{GetItemInput[Key]}
      "a": "value",
      "b": 1
    },
    /* OR */
    "key": "c", // { "c": 1 }
    "id": 1,

    "value": "<b>${title}</b>: ${description}",

    "update": { // db.update
      "TableName": "<table>",
      "Key": "<key>"
    },
    "key": "c" // Same as item being retrieved
  }
}

@pi-r/aws

Added in version 0.7.0:

  • CLOUD_UPLOAD_STREAM attribute in ICloudServiceClient was enabled.

  • CLOUD_UPLOAD_CHUNK attribute in ICloudServiceClient was enabled.

  • chunkSize | chunkLimit in CloudStorageUpload were implemented.

  • configBucket.tags using PutBucketTaggingRequest was implemented.

  • configBucket.cors using CORSConfiguration was implemented.

  • configBucket.lifecycle using LifecycleConfiguration was implemented.

Removed in version 0.7.0:

  • AWS_SESSION_TOKEN is not used when validating credentials.

  • AWS_DEFAULT_REGION is not recognized in AWS NodeJS SDK.

  • AWSDatabaseQuery property partitionKey is a duplicate of key.

Added in version 0.6.2:

  • Default providers web identity token and remote credentials environment variables are detected.

  • AWS_SDK_LOAD_CONFIG is enabled with any non empty value.

Deprecated since version 0.6.2:

  • DynamoDB using AWS.config.loadFromPath to parse fromPath will be revised in 0.7.0.