[Yandex Cloud documentation](../../index.md) > [Yandex Object Storage](../index.md) > [Tools](index.md) > SDK > AWS SDK for JavaScript

# AWS SDK for JavaScript


The [AWS SDK for JavaScript](https://docs.aws.amazon.com/sdk-for-javascript/) is a Yandex Object Storage-compatible software development kit for integration with AWS services.

With the AWS SDK for Node.js, you will create a bucket, upload objects to it, get a list of objects, download a single object, clean up the bucket contents, and delete the bucket.

## Getting started {#before-you-begin}

1. [Create a service account](../../iam/operations/sa/create.md).
1. [Assign to the service account the roles](../../iam/operations/sa/assign-role-for-sa.md) required for your project, e.g., [storage.editor](../security/index.md#storage-editor) for a bucket (to work with a particular bucket) or a folder (to work with all buckets in this folder). For more information about roles, see [Access management with Yandex Identity and Access Management](../security/index.md).

          
    To work with objects in an [encrypted](../concepts/encryption.md) bucket, a user or [service account](../../iam/concepts/users/service-accounts.md) must have the following [roles for the encryption key](../../kms/operations/key-access.md) in addition to the `storage.configurer` [role](../security/index.md#storage-configurer):
    
    * `kms.keys.encrypter`: To read the key, [encrypt](../../kms/security/index.md#kms-keys-encrypter) and upload objects.
    * `kms.keys.decrypter`: To read the key, [decrypt](../../kms/security/index.md#kms-keys-decrypter) and download objects.
    * `kms.keys.encrypterDecrypter`: This role includes the `kms.keys.encrypter` and `kms.keys.decrypter` [permissions](../../kms/security/index.md#kms-keys-encrypterDecrypter).
    
    For more information, see [Key Management Service service roles](../../kms/security/index.md#service-roles).


1. [Create a static access key](../../iam/operations/authentication/manage-access-keys.md#create-access-key).

    
    As a result, you will get the static access key data. To authenticate in Object Storage, you will need the following:
    
    * `key_id`: Static access key ID
    * `secret`: Secret key
    
    Save `key_id` and `secret`: you will not be able to get the key value again.



To access the HTTP API directly, you need static key authentication, which is supported by the tools listed in [Supported tools](index.md).
  
{% note info %}

You can [disable using static keys for bucket access](../operations/buckets/disable-statickey-auth.md). Once disabled, access will be denied to all tools using this access option: the AWS CLI, SDK, and third-party applications. Access via [ephemeral keys](../security/ephemeral-keys.md), [temporary Security Token Service access keys](../security/sts.md), and [pre-signed URLs](../security/overview.md#pre-signed) will also be disabled. Only access with an [IAM token](../../iam/concepts/authorization/iam-token.md) or [anonymous access](../security/public-access.md) (if enabled) will remain.

{% endnote %}


You can use Yandex Lockbox to safely store the static key for access to Object Storage. For more information, see [Using a Yandex Lockbox secret to store a static access key](../tutorials/static-key-in-lockbox/index.md).

{% note info %}

A service account is only allowed to view a list of buckets in the folder it was created in.

A service account can perform actions with objects in buckets that are created in folders different from the service account folder. To enable this, [assign](../../iam/operations/sa/assign-role-for-sa.md) the service account [roles](../security/index.md#service-roles) for the appropriate folder or its bucket.

{% endnote %}

## Configuring a project {#setup-project}

### Preparing authentication data {#setup-project-aws-tools}

1. Create a directory to store the authentication data in and navigate to it: 

    For macOS and Linux:

    ```bash
    mkdir ~/.aws/
    ```

    For Windows:

    ```bash
    mkdir C:\Users\<username>\.aws\
    ```

1. In the `.aws` directory, create a file named `credentials` and copy the credentials [received earlier](#before-you-begin) into it:

    ```text
    [default]
    aws_access_key_id = <static_key_ID>
    aws_secret_access_key = <secret_key>
    ```

1. Create a file named `config` with the default region settings and copy the following information to it:

    ```text
    [default]
    region = ru-central1
    endpoint_url = https://storage.yandexcloud.net
    ```

    {% note info %}

    Some apps designed to work with Amazon S3 do not allow you to specify the region; this is why Object Storage may also accept the main AWS region value, which is the [first row in the table of regions](https://docs.aws.amazon.com/global-infrastructure/latest/regions/aws-regions.html#available-regions).

    {% endnote %}

To access Object Storage, use the `https://storage.yandexcloud.net` endpoint.

### Preparing a project directory {#setup-project-folder}

1. [Install](https://nodejs.org/en/download) Node.js.
1. Create a directory for the code example and navigate to it:

    ```bash
    mkdir app
    cd app
    ```

1. Initialize the Node.js project and use the command below to install the `aws-sdk/client-s3` library:

    ```bash
    npm init -y && npm i @aws-sdk/client-s3
    ```

1. Add the `"type": "module"` string to the package.json file to use the [ESM (ECMAScript Modules)](https://nodejs.org/api/esm.html) syntax in the project. The `package.json` file with the project's basic Node.js settings will be created in the directory. 

    The final `package.json` file will appear as follows:

    ```json
    {
        "name": "check",
        "version": "1.0.0",
        "main": "index.js",
        "scripts": {
            "test": "echo \"Error: no test specified\" && exit 1"
        },
        "keywords": [],
        "author": "",
        "license": "ISC",
        "description": "",
        "dependencies": {
            "@aws-sdk/client-s3": "^3.726.1"
        },
        "type": "module"
    }
    ```

1. Create a file named `index.js` to store the code using the AWS SDK.

## Code examples {#js-sdk-examples}

Below we describe how to perform basic operations with a bucket using the AWS SDK for Node.js.
1. Add the following code to `index.js`:

    ```js
    import { readFileSync } from "node:fs"
    import
    {
        S3Client,
        PutObjectCommand,
        CreateBucketCommand,
        DeleteObjectCommand,
        DeleteBucketCommand,
        paginateListObjectsV2,
        GetObjectCommand,
        ListObjectsV2Command,
    } from "@aws-sdk/client-s3";

    (async function ()
    {
        // Creating an s3 client to interact with aws.
        // Authentication data is taken from your environment, but you can specify it explicitly, e.g.:
        // `new S3Client({ region: 'ru-central1', credentials: {...} })`
        const s3Client = new S3Client({});

        const bucketName = `test-bucket-${Date.now()}`;
        // Creating a new bucket
        console.log(`Creating the bucket ${bucketName}.`);
        await s3Client.send(
            new CreateBucketCommand({
                Bucket: bucketName,
            }),
        );
        console.log(`The bucket ${bucketName} was created.\n\n`);

        // Uploading objects to a bucket
        // From a string
        console.log('Creating a object from string.');
        await s3Client.send(
            new PutObjectCommand({
                Bucket: bucketName,
                Key: "bucket-text",
                Body: 'Hello bucket!',
            }),
        );
        console.log('The object from string was created.\n');
        // From files
        console.log('Creating the first object from local file.');
        await s3Client.send(
            new PutObjectCommand({
                Bucket: bucketName,
                Key: "my-package.json",
                Body: readFileSync('package.json'),
            }),
        );
        console.log('The first object was created.\nCreating the second object from local file.');
        await s3Client.send(
            new PutObjectCommand({
                Bucket: bucketName,
                Key: "my-package-lock.json",
                Body: readFileSync('package-lock.json'),
            }),
        );
        console.log('The second object was created.\n');

        // Getting a list of objects
        console.log('Getting bucket objects list.');
        const command = new ListObjectsV2Command({ Bucket: bucketName });
        const { Contents } = await s3Client.send(command);
        const contentsList = Contents.map((c) => ` • ${c.Key}`).join("\n");
        console.log("Here's a list of files in the bucket:");
        console.log(`${contentsList}\n`);

        // Deleting multiple objects
        console.log('Deleting objects.');
        await s3Client.send(
            new DeleteObjectCommand({ Bucket: bucketName, Key: "my-package.json" }),
        );
        await s3Client.send(
            new DeleteObjectCommand({ Bucket: bucketName, Key: "my-package-lock.json" }),
        );
        console.log('The objects were deleted.\n');

        // Getting an object
        console.log('Getting your "bucket-text" object')
        const { Body } = await s3Client.send(
            new GetObjectCommand({
                Bucket: bucketName,
                Key: "bucket-text",
            }),
        );
        console.log('Your "bucket-text" content:')
        console.log(await Body.transformToString(), '\n');

        // Deleting bucket objects and the bucket itself
        // Getting a list of objects page by page
        const paginator = paginateListObjectsV2(
            { client: s3Client },
            { Bucket: bucketName },
        );
        for await (const page of paginator)
        {
            const objects = page.Contents;
            if (objects)
            {
                // Running the delete command for each object by iterating pages with objects
                for (const object of objects)
                {
                    // Sending the delete command
                    await s3Client.send(
                        new DeleteObjectCommand({ Bucket: bucketName, Key: object.Key }),
                    );
                }
            }
        }

        // Deleting the previously created bucket
        await s3Client.send(new DeleteBucketCommand({ Bucket: bucketName }));
        console.log('Your bucket was emptied and deleted.');
    })()
    ```
  
    In this code snippet, we added an [IIFE (Immediately Invoked Function Expression)](https://developer.mozilla.org/en-US/docs/Glossary/IIFE) to invoke the script when running the file.
1. Run the application:

    ```bash
    node index.js
    ```

    In the console output, you will see a step-by-step description of the operation results.

Learn more about using the AWS SDK for JavaScript in the [AWS documentation](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/getting-started-nodejs.html).