Closed igoratron closed 4 years ago
qasim9872
commented
4 years ago I haven't worked with implementations where sessionToken is required, one thing I want to know before we merge this, do we still have accesssKeyId and secretAccessKeyId when we are using a sessionToken?
From the looks of the PR, if they are interchangeable then we will have to update the validation to ensure one of the two is present. either accessKeyID and secretAccessKeyId or sessionToken?
Let me know what you think?
igoratron
commented
4 years ago @qasim9872 thanks for getting back to me. Yes, we still have accessKeyID and secretAccessKeyId however they are no longer associated with an IAM user but instead with an IAM role. The sessionToken represents the validity of these credentials (more info: https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html#use-roles)
BTW, thanks for this package. It really helped us with a project we were working on! 👏
When using temporary credentials (like AWS roles) we need to pass in an extra parameter (session token) to the signing function to create a valid signature.
This is my first entry into TypeScript so looking for feedback how to make this more idiomatic.