Configuring .NET Core Application to use an AWS Named Profile
Many organizations use some form of Single Sign On (SSO) to manage employee identities, but the process of logging in and obtaining AWS tokens can sometimes be cumbersome. Reducing that friction matters, because it lets developers start writing functioning code as quickly as possible. When developing .NET applications designed to work with and on the AWS platform, we have to generate credential tokens and store them locally. Paying attention to the AWS SDK for .NET Credential Profile Resolution, the easiest place I’ve found to store those tokens is in the credential file.
We have a mechanism at work which uses the AWS CLI to generate the tokens in an automated way and store them in the credential file. I won’t get into details here as this post is meant to document the proper application setup to consume the tokens.
Follow the steps below to quickly create a .NET Core application that uses the tokens stored in the credential file under an AWS Named Profile.
- Create a new .NET Core application
- Add Microsoft.Extensions.Configuration.Json NuGet package
- Add AWSSDK.Extensions.NETCore.Setup NuGet package
- Add AWSSDK.S3 NuGet package
- Add appsettings.json file and set the Profile property to the Profile Name used when authenticating with the AWS CLI.

    {
      "AWS": {
        "Profile": "[Profile Name]",
        "Region": "us-east-1"
      }
    }

- Load the appsettings file using the built in Dependency Injection.

    var builder = new ConfigurationBuilder().AddJsonFile("appsettings.json", optional: false, reloadOnChange: true);

- Load the settings into the AWS Options object

    var options = builder.Build().GetAWSOptions();

- Resolve the AWS Client (in this case S3)

    _s3Client = options.CreateServiceClient<IAmazonS3>();

- Call the AWS Client

    ListBucketsRequest request = new ListBucketsRequest();
    ListBucketsResponse response = await _s3Client.ListBucketsAsync(request);

- Authenticate with the AWS CLI to generate an AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN
- Run the application.
Code can be found in my awsnetcore repository.
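An added example, not code from this post or the author's repository: the steps above assembled into a single Program.cs, with a pre-flight check that the named profile exists in the credential file and carries a session token before any AWS call is made. The class layout, messages and exit codes are assumptions, and the CredentialProfileStoreChain check is an addition to the post's steps.

```csharp
using System;
using System.Threading.Tasks;
using Amazon.Extensions.NETCore.Setup;
using Amazon.Runtime.CredentialManagement;
using Amazon.S3;
using Amazon.S3.Model;
using Microsoft.Extensions.Configuration;

class Program
{
    static async Task<int> Main()
    {
        // Steps from the post: load appsettings.json and bind its "AWS" section.
        IConfiguration config = new ConfigurationBuilder()
            .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
            .Build();
        AWSOptions options = config.GetAWSOptions();

        // Added check: fail early if the named profile is not in the credential store.
        var chain = new CredentialProfileStoreChain();
        if (string.IsNullOrEmpty(options.Profile) ||
            !chain.TryGetProfile(options.Profile, out CredentialProfile profile))
        {
            Console.Error.WriteLine($"Profile '{options.Profile}' not found; authenticate with the AWS CLI first.");
            return 1;
        }

        // Added check: the post's workflow stores temporary credentials, which include a session token.
        if (string.IsNullOrEmpty(profile.Options.Token))
            Console.Error.WriteLine($"Warning: profile '{options.Profile}' has no session token.");

        try
        {
            using IAmazonS3 s3Client = options.CreateServiceClient<IAmazonS3>();
            ListBucketsResponse response = await s3Client.ListBucketsAsync(new ListBucketsRequest());
            response.Buckets?.ForEach(b => Console.WriteLine(b.BucketName));
            return 0;
        }
        catch (AmazonS3Exception ex)
        {
            // Rejected (for example expired) tokens surface here; log the error code, never the key material.
            Console.Error.WriteLine($"S3 call failed ({ex.ErrorCode}); re-authenticate with the AWS CLI and retry.");
            return 2;
        }
    }
}
```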