Is it possible to authenticate access to an S3 bucket without secretAccessKey?

[PizzaPartyInc]

Hey!

In the most simplified form, one can create an S3 client like this and start sending commands:

import { S3Client } from '@aws-sdk/client-s3';

const client = new S3Client({
   region: 'eu-central-1',
   credentials: {
     accessKeyId: 'key',
     secretAccessKey: 'secret',
   },
});

I'm interested in a case when secretAccessKey is not used for authentication and is replaced with an alternative option. For example, for Azure Blob Storage there is an option to authenticate using an SAS token, which is added to the storage URL as a parameter. So you actually can gain access to the storage using an URL instead of credentials.

My objective is to authenticate in the code and not to have credentials loaded from Amazon EC2 instance or from config files.

Considering the exposed SDK types and my brief googling, this is probably not possible, but maybe I'm overlooking something...

Thanks! :)