Aws-sdk-js: Credentials file is required, even if you're only using config.

Created on 3 Sep 2020  ·  7 Comments  ·  Source: aws/aws-sdk-js


Describe the bug

Using the default configuration, a ~/.aws/credentials file is required, even if you're using ~/.aws/config (or bypassing ini configuration altogether).

Is the issue in the browser/Node.js?

I encounter it in Node.js on my machine (not lambda)

Details of the browser/Node.js version

v12.18.2

SDK version number

v2.741.0

To Reproduce (observed behavior)

export AWS_SDK_LOAD_CONFIG=1 to use config

Add full credentials in ~/.aws/config, i.e.:

[profile $whatever]
credential_process = aws-sso-credential-process --profile $whatever
region = eu-west-1
output = json
sso_start_url = https://$whatever.awsapps.com/start
sso_region = eu-west-1
sso_account_id = $whatever
sso_role_name = $whatever

And make sure you do not have any ~/.aws/credentials

Use aws-sdk with AWS_PROFILE=$whatever and see error that no providers could be found, even though they can.

Confirm bug by adding ~/.aws/credentials as:

[default]
aws_access_key_id = not_used
aws_secret_access_key = not_used

And see that it now works.

Expected behavior

Do not require ~/.aws/credentials if AWS_SDK_LOAD_CONFIG is set.

Additional context

I encountered this when using https://github.com/benkehoe/aws-sso-credential-process - but, looking at the ini credential loader, it seems that it'll always happen.

bug

All 7 comments

@thomasmichaelwallace The request would probably hang without the credentials file as it starts looking for EC2 metadata credentials. I recently merged https://github.com/aws/aws-sdk-js/pull/3356 to solve that problem. Now it just gives an error that the credentials file is not available.

Setting the credentials up initially asks you to set up a credentials file as well, which also gets set up when you use the CLI command aws configure.

My concern regarding this is whether this should be treated as a feature request or a BUG, because the docs mention to set up a credentials file.

I can talk to the team, would like more views on this.

@ajredniwja - in the case above it wouldn't/doesn't, because the config file is checked before the EC2 metadata credentials; and the config is complete and resolves (looking at the default providers chain).

I understand what you mean with the aws-cli's configure command automatically setting up the credentials file. But there are quite a few typical setups (SSO, multiple profile roles, etc.) that do not require the credentials file. In fact, my example works _without_ the credentials file and the aws-cli v2.

I think it should be treated as a bug because:

  • You do not need a credentials file with the latest aws-cli, so a configuration that works with other aws tooling doesn't work with the SDK
  • The SharedIniFileCredentials loader actually fails with file-not-found, so it would be a trivial fix to add an fs.exists() check [I'm happy to make a PR for this]
  • The "workaround" is to put in a dummy credentials file, because AWS_SDK_LOAD_CONFIG means the config file will overwrite.
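
The behaviour the comment above asks for, a shared-ini loader that treats a missing credentials file as empty instead of failing, sketched as an added example (not the SDK's code and not part of the original thread). `parseIni`, `loadIniOrEmpty`, `resolveProfile` and `demo` are hypothetical names, and the profile and helper command in the sample config are constructed.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Minimal INI parser: [section] headers and key = value lines; # and ; start comments.
function parseIni(text) {
  const sections = {};
  let current = null;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const header = line.match(/^\[([^\]]+)\]$/);
    const eq = line.indexOf('=');
    if (header) current = sections[header[1].trim()] = {};
    else if (current && eq > 0 && !/^[#;]/.test(line)) {
      current[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
    }
  }
  return sections;
}

// A missing file (ENOENT) counts as empty; permission or I/O errors still throw.
function loadIniOrEmpty(file) {
  try {
    return parseIni(fs.readFileSync(file, 'utf8'));
  } catch (err) {
    if (err.code === 'ENOENT') return {};
    throw err;
  }
}

// config names non-default profiles "[profile name]"; credentials uses the bare "[name]".
// config is read only when AWS_SDK_LOAD_CONFIG is set; credentials keys overriding
// config keys is this example's assumption.
function resolveProfile(awsDir, env = process.env) {
  const name = env.AWS_PROFILE || 'default';
  const creds = loadIniOrEmpty(path.join(awsDir, 'credentials'))[name] || {};
  if (!env.AWS_SDK_LOAD_CONFIG) return creds;
  const section = name === 'default' ? 'default' : `profile ${name}`;
  const conf = loadIniOrEmpty(path.join(awsDir, 'config'))[section] || {};
  return { ...conf, ...creds };
}

// Constructed sample: a config-only layout (no credentials file) in a temp directory.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'aws-demo-'));
  fs.writeFileSync(path.join(dir, 'config'),
    '[profile dev]\ncredential_process = example-helper --profile dev\nregion = eu-west-1\n');
  return resolveProfile(dir, { AWS_SDK_LOAD_CONFIG: '1', AWS_PROFILE: 'dev' });
}
console.log(demo());
```

Only ENOENT is swallowed, so an unreadable or malformed-path credentials file still surfaces as an error rather than silently falling through to the config file.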

@thomasmichaelwallace I was able to work with it using the CLI.

I would be happy to review your PR if you want to work on it.

Thanks @ajredniwja - finally found some time to get round to it. ☝️

I upgraded aws-sdk to the latest version 2.792.0 in my node app, then renamed my credentials file on purpose such that there is no credentials file under the .aws folder. I have gone through the aws sso process and I have a config file with the below values:

[default]
credential_process = aws-sso-util credential-process --profile default
sso_start_url = https://validurl/start
sso_region = us-west-2
sso_account_id = valid_account_id
sso_role_name = valid_role
region = us-west-2
output = json

Details of the browser/Node.js version - v12.19.0
AWS SDK version - latest version 2.792.0

I have export AWS_SDK_LOAD_CONFIG='1' in my bash_profile and I have already done source ~/.bash_profile in that terminal.

Still, when I run my app I get the below error, and from the error message it appears that it's continuing to look for the credentials file when it shouldn't:

Error: ENOENT: no such file or directory, open '/Users/…/.aws/credentials'
    at Object.openSync (fs.js:462:3)
    at Proxy.readFileSync (fs.js:364:35)
    at Object.readFileSync (/Users/…/node_modules/aws-sdk/lib/util.js:95:26)
    at IniLoader.parseFile (/Users/…/node_modules/aws-sdk/lib/shared-ini/ini-loader.js:6:47)
    at IniLoader.loadFrom (/Users/…/node_modules/aws-sdk/lib/shared-ini/ini-loader.js:56:30)
    at Config.region (/Users/…/node_modules/aws-sdk/lib/node_loader.js:101:36)
    at Config.set (/Users/…/node_modules/aws-sdk/lib/config.js:514:39)
    at Config.<anonymous> (/Users/…/node_modules/aws-sdk/lib/config.js:349:12)
    at Config.each (/Users/…/node_modules/aws-sdk/lib/util.js:507:32)
    at new Config (/Users/…/node_modules/aws-sdk/lib/config.js:348:19) {
  errno: -2,
  syscall: 'open',
  code: 'ENOENT',
  path: '/Users/…/.aws/credentials'
}
[nodemon] app crashed - waiting for file changes before starting...

@ajredniwja @thomasmichaelwallace Will highly appreciate any advice you can give to solve above issue.

Hmm- all I can say is that it works for me.

Things to check:

  • You _really_ have that aws-sdk version and there's not some caching issue:

➜ head node_modules/aws-sdk/package.json
{
  "name": "aws-sdk",
  "description": "AWS SDK for JavaScript",
  "version": "2.792.0",
  "author": {

  • AWS_SDK_LOAD_CONFIG _really_ is in your environment (I'm especially suspicious of nodemon in your logs):

console.log('AWS_SDK_LOAD_CONFIG: ', process.env.AWS_SDK_LOAD_CONFIG);
// AWS_SDK_LOAD_CONFIG:  1

  • See if you can make it work under the same conditions I just did:

relevant env:

# ➜ printenv | grep 'AWS'
AWS_REGION=eu-west-1
AWS_SDK_LOAD_CONFIG=1
AWS_SSO_INTERACTIVE_AUTH=true

# ➜ cat ~/.aws/config
[default]
credential_process = aws-sso-credential-process --profile default
region = eu-west-1
output = json
sso_start_url = https://{{ blah }}.awsapps.com/start
sso_region = eu-west-1
sso_account_id = {{ blah }}
sso_role_name = {{ blah }}

// ➜ cat index.js
const AWS = require('aws-sdk'); // AWS SDK for JavaScript v2
const S3 = new AWS.S3();

async function main() {
  console.log('AWS_SDK_LOAD_CONFIG: ', process.env.AWS_SDK_LOAD_CONFIG);
  const buckets = await S3.listBuckets().promise();
  buckets.Buckets.forEach((b) => console.log(b.Name));
  console.log('end');
}
main();

Thanks a lot @thomasmichaelwallace for the detailed info! I was able to get it to work. The thing missing in my .bash_profile was AWS_REGION=my-region; once I added it, my node program ran successfully (based on just the config file - no credentials file). The interesting thing is that in my default profile in config I did have the correct region, but it looks like AWS wants it in .bash_profile as well. Thanks again!
