Upload, Download and Delete Files from Amazon S3 Using Amazon Cognito and NodeJS.

Solomon Mark
May 21, 2019

Amazon Simple Storage Service (S3) is a great cloud-based storage service. AWS S3 is well known for being scalable, durable and flexible. Amazon provides an SDK for S3 in different languages. We are going to use Node.js for client-side operations and Amazon Cognito identity pools (Federated Identities) for authenticating users. Amazon supports developer authenticated identities along with other web identities like Facebook, Google and Amazon Login.

Creating Amazon Cognito Identity Pools:

Using Cognito Identity Pools (Federated Identities) we can authenticate guest (unauthenticated) users to use AWS services. Amazon Cognito offers user pools, which provide sign-up and sign-in options for your app users. Cognito identity pools provide AWS credentials that allow your users to access other AWS services.

In this article we are going to create a Cognito identity pool which will be used in our Electron application. From the user's Electron app we will be uploading, downloading and deleting files in an Amazon S3 bucket.

Step 1:

Navigate to the AWS console and choose Cognito. Click on Manage Identity Pools and start creating an identity pool by clicking the following button.

create new identity pool wizard starts

Step 2:

In the first step of the getting started wizard we create a new identity pool by giving a name for our app. Click on Enable access to unauthenticated identities. This will enable our users to authenticate without logging in.

creating identity pool by enabling access to unauthenticated identities

Step 3:

In order to access AWS services with this identity pool we have to create an IAM role with a policy document. Give a role name and click on the Edit link to edit the policy document. The following image shows the authenticated role and its policy document.

Creating IAM role for authenticated identities and editing Policy document

Step 4:

In the policy document text area, add the permissions needed for your identity pool. In my case I need to upload, download and delete files from an S3 bucket. I am restricting the upload, download and delete operations to a specific folder in my S3 bucket. The following policy document grants access to cognito-identity and to S3 put, get and delete for the specific folder.

Policy document with S3 permissions to specific folder in bucket

Step 5:

Similarly, we have to create an IAM role for unauthenticated identities. After that, click the Allow button.

Creating IAM role for Unauthenticated identities and editing Policy document

Step 6:

Add the S3 bucket permissions to the unauthenticated identities by editing the policy document.

Policy document with S3 permissions to specific folder in bucket

Step 7:

Once we click the Allow button, the AWS Cognito IdentityPoolId is created and the wizard moves to the dashboard. Click on Sample code and select the needed platform to get the IdentityPoolId. The following image shows the AWS SDK for JavaScript with the IdentityPoolId hidden. Note: Don't expose your IdentityPoolId anywhere.

Javascript SDK with IdentityPoolId

Now we have created an IdentityPoolId from Amazon Cognito. We can use this in our application to use the S3 service.
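The folder-scoped policy from Steps 4 and 6, as an added example that is not the author's code: it builds a statement limited to put, get and delete on one folder and audits a role policy for S3 grants that reach beyond it. The bucket name `example-bucket`, the folder `uploads`, the function names and both sample policies are assumptions constructed for illustration.

```javascript
// Added example: bucket/folder names and sample policies are constructed placeholders.
const ALLOWED_ACTIONS = ["s3:putobject", "s3:getobject", "s3:deleteobject"];
const asList = (v) => (Array.isArray(v) ? v : [v]);

// Policy statement limited to object put/get/delete inside one folder.
function buildFolderStatement(bucket, folder) {
  return {
    Effect: "Allow",
    Action: ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"],
    Resource: [`arn:aws:s3:::${bucket}/${folder}/*`],
  };
}

// Return findings for S3 grants that exceed put/get/delete on bucket/folder/.
function auditPolicy(policy, bucket, folder) {
  const findings = [];
  const prefix = `arn:aws:s3:::${bucket}/${folder}/`;
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== "Allow") continue;
    if (st.NotAction || st.NotResource) {
      findings.push("NotAction/NotResource grants are too broad to audit");
      continue;
    }
    // IAM action names are case-insensitive, so compare in lower case.
    const s3 = asList(st.Action || []).map((a) => a.toLowerCase())
      .filter((a) => a === "*" || a.startsWith("s3:"));
    if (s3.length === 0) continue; // non-S3 statement, e.g. cognito-identity
    for (const a of s3) if (!ALLOWED_ACTIONS.includes(a)) findings.push(`action too broad: ${a}`);
    for (const r of asList(st.Resource)) if (!r.startsWith(prefix)) findings.push(`resource outside folder: ${r}`);
  }
  return findings;
}

// Constructed sample: scoped policy as described in Step 4.
const scopedPolicy = {
  Version: "2012-10-17",
  Statement: [
    { Effect: "Allow", Action: ["cognito-identity:*"], Resource: ["*"] },
    buildFolderStatement("example-bucket", "uploads"),
  ],
};
// Constructed sample: an over-broad variant the audit should flag.
const broadPolicy = {
  Version: "2012-10-17",
  Statement: [{ Effect: "Allow", Action: "S3:*", Resource: "arn:aws:s3:::example-bucket/*" }],
};
console.log(auditPolicy(scopedPolicy, "example-bucket", "uploads"));
console.log(auditPolicy(broadPolicy, "example-bucket", "uploads"));
```

Because Step 2 enables unauthenticated identities, the guest role's permissions go to anyone who can obtain credentials from the pool, so an empty findings list matters most for that role.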

Upload, Download and Delete Files from AWS S3 Bucket:

We have created a Cognito IdentityPoolId for authenticating users from a Node.js application. Once we add the IdentityPoolId to the AWS config, we will be able to use the S3 service. The following code initializes the required variables. Note: Don't expose your IdentityPoolId in code.

Initializing variables

Step 1: Reading File from user system for uploading to AWS S3 bucket:

Reading file from user system

Step 2: Uploading file to AWS S3 bucket:

In this function we are reading the file and uploading it to a specific folder in the S3 bucket. We have given read and write permission only to that particular folder. I have used the S3.putObject function for uploading objects to the S3 bucket. The S3.upload function gives upload progress and more events than the putObject function. In future I'll add the upload function to this article.

Upload file to S3 bucket

Step 3: Deleting the file from S3:

Delete file from S3 Bucket

Step 4: Downloading file from S3 Bucket:

Downloading file from S3 Bucket and Writing into user’s system

Sample code to execute and check upload, download and delete operations in the S3 bucket.

Sample code to execute and check the implementation.

That's it. Thank you so much for reading till the end. With Amazon Cognito and a Node.js application we have done uploading, downloading and deletion from an Amazon S3 bucket. There are a few other ways available to do the same, like using AWS Gateway API and Lambda functions. Feel free to share your thoughts on this article in the comment section. Thank you.
