I am trying to get cross account credentials for AWS Client Secret Manager by calling main function in the file.
I am getting an error saying Error: Credentials Missing
I tried everything, except for putting the credentials and storing them on my computer. I do not want to do that because I am working with a team and I don't want them to have to go to the files to have to change their AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY
I have an .env file and react-native-config installed and the keys are there and they are correct, but they seem inaccessible to AWS, therefore I decided to force-put them in process.env object just for testing purposes. Didn't really work.
This is my code, what should I do? I am really lost this is the first time I am connecting AWS to react native project and honestly, AWS docs are not any good. They only provide NodeJS examples, which works a bit differently compared to React Native.
import 'react-native-url-polyfill/auto';
import 'react-native-get-random-values';
import {
SecretsManagerClient,
GetSecretValueCommand,
} from '@aws-sdk/client-secrets-manager';
import * as sts from '@aws-sdk/client-sts';
import Config from 'react-native-config';
const splitSecretName = 'mobile_split_test';
const secretClient = new SecretsManagerClient({
region: 'us-east-1',
});
const stsClient = new sts.STS({region: 'us-east-1'});
const main = async () => {
process.env.AWS_ACCESS_KEY_ID = Config.AWS_ACCESS_KEY_ID;
process.env.AWS_SECRET_ACCESS_KEY = Config.AWS_SECRET_ACCESS_KEY;
await getCrossAccountCredentials();
};
const getCrossAccountCredentials = async () => {
return new Promise((resolve, reject) => {
const timestamp = new Date().getTime();
const params = {
RoleArn: 'some arn path here',
RoleSessionName: `be-descriptibe-here-${timestamp}`,
};
console.log(Config);
stsClient.assumeRole(params, (err, data) => {
if (err) {
console.log('getCrossAccountCredentailsError', err);
reject(err);
} else {
resolve({
accessKeyId: data.Credentials.AccessKeyId,
secretAccessKey: data.Credentials.SecretAccessKey,
sessionToken: data.Credentials.SessionToken,
});
}
});
});
};
export const getSplitSecretKey = async () => {
const accessParams = await getCrossAccountCredentials();
//Replace 'YOUR_SECRET_ID' with the ID or ARN of the secret containing your Split.io authorization key.
let params = {
SecretId: splitSecretName,
credentials: accessParams,
// VersionStage: 'AWSCURRENT', // VersionStage defaults to AWSCURRENT if unspecified
};
try {
const response = await secretClient.send(new GetSecretValueCommand(params));
console.log('response', response);
return response.SecretString;
} catch (error) {
// For a list of exceptions thrown, see
// https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
console.log('ggetSplitSecretKeError', error);
}
};
