Description
n8n-nodes-aws-sdk-v3
This is an n8n community node that allows you to execute custom JavaScript code with pre-configured AWS SDK v3 clients (S3, Bedrock, KMS, SSM, Secrets Manager) in your n8n workflows.
Note: This node uses external dependencies (AWS SDK v3) and is only compatible with self-hosted n8n installations. It cannot be used on n8n Cloud.
n8n is a fair-code licensed workflow automation platform.
Installation
Operations
Credentials
Compatibility
Usage
Resources
Version history
Installation
Follow the installation guide in the n8n community nodes documentation.
npm install n8n-nodes-aws-sdk-v3
Or install it directly in your n8n instance via the Community Nodes settings.
Operations
The AWS Code node provides a code editor where you can write custom JavaScript code with access to:
Pre-configured AWS Clients
$s3– Amazon S3 Client$bedrock– Amazon Bedrock Runtime Client$kms– AWS Key Management Service (KMS) Client$ssm– AWS Systems Manager (SSM) Client$secretsManager– AWS Secrets Manager ClientListBucketsCommandGetObjectCommandPutObjectCommandDeleteObjectCommandCopyObjectCommandHeadObjectCommandListObjectsV2CommandCreateBucketCommandDeleteBucketCommandInvokeModelCommandInvokeModelWithResponseStreamCommandConverseCommandConverseStreamCommandEncryptCommandDecryptCommandReEncryptCommandGenerateDataKeyCommandGenerateDataKeyWithoutPlaintextCommandGenerateRandomCommandDescribeKeyCommandListKeysCommandListAliasesCommandGetPublicKeyCommandSignCommandVerifyCommandGenerateMacCommandVerifyMacCommandCreateKeyCommandCreateAliasCommandUpdateAliasCommandDeleteAliasCommandEnableKeyCommandDisableKeyCommandScheduleKeyDeletionCommandCancelKeyDeletionCommandTagResourceCommandUntagResourceCommandGetParameterCommandGetParametersCommandGetParametersByPathCommandPutParameterCommandDeleteParameterCommandDeleteParametersCommandGetSecretValueCommandBatchGetSecretValueCommandPutSecretValueCommandCreateSecretCommandUpdateSecretCommandDeleteSecretCommandDescribeSecretCommandListSecretsCommandRestoreSecretCommand- Run Once for All Items – Execute the code once with access to all input items via
$items - Run Once for Each Item – Execute the code once for each input item via
$item - Requires n8n version 1.0.0 or later
- Self-hosted n8n only – Not compatible with n8n Cloud
Available AWS SDK Commands
S3 Commands:
Bedrock Commands:
KMS Commands:
SSM Commands:
Secrets Manager Commands:
Execution Modes
Credentials
Create AWS SDK V3 API credentials with:
| Field | Description |
|——-|————-|
| Access Key ID | Your AWS Access Key ID |
| Secret Access Key | Your AWS Secret Access Key |
| Region | AWS region (e.g., eu-west-1, us-east-1) |
| Session Token | Optional – for temporary credentials (STS) |
Credential testing uses AWS STS GetCallerIdentity, so credentials can validate even without S3-specific permissions.
Compatibility
Usage
Example: List S3 Buckets
const response = await $s3.send(new ListBucketsCommand({}));
return response.Buckets.map(b => ({ json: { name: b.Name } }));
Example: Get SSM Parameter
const response = await $ssm.send(new GetParameterCommand({
Name: '/my/parameter/path',
WithDecryption: true
}));
return [{ json: { value: response.Parameter.Value } }];
Example: Invoke Bedrock Model (Claude)
const response = await $bedrock.send(new ConverseCommand({
modelId: 'anthropic.claude-3-sonnet-20240229-v1:0',
messages: [
{
role: 'user',
content: [{ text: $item.json.prompt }]
}
]
}));return [{
json: {
response: response.output.message.content[0].text
}
}];
Example: Get a Secret Value
const response = await $secretsManager.send(new GetSecretValueCommand({
SecretId: 'my/app/secret',
}));if (response.SecretString) {
return [{ json: { secret: response.SecretString } }];
}
const secretBinaryBase64 = Buffer.from(response.SecretBinary).toString('base64');
return [{ json: { secretBinaryBase64 } }];
Example: Encrypt Data with KMS
const plaintext = Buffer.from($item.json.value, 'utf8');const response = await $kms.send(new EncryptCommand({
KeyId: $vars.KMSKEYID,
Plaintext: plaintext,
}));
return [{
json: {
ciphertextBase64: Buffer.from(response.CiphertextBlob).toString('base64'),
}
}];
Example: Upload to S3
const response = await $s3.send(new PutObjectCommand({
Bucket: 'my-bucket',
Key: files/${$item.json.filename},
Body: $item.json.content,
ContentType: 'text/plain'
}));return [{ json: { success: true, etag: response.ETag } }];
Example: Use Built-in Helper Libraries
The AWS Code node exposes a restricted require() with these allowed modules:
cryptonode:cryptolodashluxonuuidconst crypto = require('crypto');
const _ = require('lodash');
const { DateTime } = require('luxon');
const { v4: uuidv4 } = require('uuid');const payload = {
userId: $item.json.userId,
email: $item.json.email,
roles: $item.json.roles ?? [],
};
const normalizedPayload = _.pick(payload, ['userId', 'email', 'roles']);
const digest = crypto
.createHash('sha256')
.update(JSON.stringify(normalizedPayload))
.digest('hex');
return [{
json: {
id: uuidv4(),
processedAt: DateTime.now().toISO(),
digest,
roleCount: _.size(normalizedPayload.roles),
}
}];
Example: Use n8n Workflow Variables
const bucketName = $vars.AWSBUCKETNAME;
const environment = $vars.APP_ENV ?? 'dev';return [{
json: {
bucketName,
environment,
}
}];
Available Variables
| Variable | Description |
|———-|————-|
| $s3 | Pre-configured S3Client |
| $bedrock | Pre-configured BedrockRuntimeClient |
| $kms | Pre-configured KMSClient |
| $ssm | Pre-configured SSMClient |
| $secretsManager | Pre-configured SecretsManagerClient |
| $vars | n8n workflow variables |
| require | Restricted require() for allowed modules (crypto, node:crypto, lodash, luxon, uuid) |
| crypto | Shortcut to the Node.js crypto module |
| $items | All input items (array) |
| $item | Current item (in “Run Once for Each Item” mode) |
| $itemIndex | Current item index |
Resources
Version history
Unreleased
$kms)$secretsManager)$vars support for n8n workflow variablesrequire() support for crypto, lodash, luxon, and uuidGetCallerIdentity