Open douglastehling opened 2 years ago
ghdna
commented
2 years ago The role is assumed from the underlying EC2 or Lambda that is hosting Athena-express, in which case, you just pass the AWS sdk object. If not using those 2 hosting options, then you need to explicitly instantiate AWS sdk with your access key and secret key and pass the AWS sdk object instead. In both cases, you don't pass the arn and only pass the AWS sdk.
pwmcintyre
commented
2 years ago i have a similar problem — because my personal IAM Role doesn't have athena access, so I need to assume a pre-provisioned "query" role ... but the interface to AthenaExpress doesn't take a credential provide, it takes the whole 'aws' object (which i don't understand - isn't this global?)
i think this might work
import { ChainableTemporaryCredentials, Credentials, S3 } from "aws-sdk"
// configure creds
const credentials: Credentials = new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::xxxxxx:role/foo",
RoleSessionName: "foo"
}
})
// set global creds 🔥
AWS.config.credentials = credentials
// construct athena express
athena = new AthenaExpress({
aws: AWS,
...
})hoping one day to instead supply either credentials or a client — example:
import { ChainableTemporaryCredentials, Credentials, S3 } from "aws-sdk"
// configure creds
const credentials: Credentials = new ChainableTemporaryCredentials({
params: {
RoleArn: "arn:aws:iam::453719517077:role/pmcintyre-tmp",
RoleSessionName: "foo"
}
})
// construct athena express with AWS.Credential
athena = new AthenaExpress({
credentials,
...
})
// or; construct athena express with custom clients
const athena = new S3({ credentials })
const s3 = new S3({ credentials })
athena = new AthenaExpress({
athena, s3,
...
})Yes, this will become part of the v3 support for aws-sdk.
Hi, i have a problem because i need to access Athena but to access i would have to pass an arn role and in the examples i'm not finding how to do it.. does anyone have any idea how to do it?