Net Core 2.0 AmazonServiceException: Unable to find credentials
up vote
1
down vote
favorite
I have the following code:
public void ConfigureServices(IServiceCollection services)
// AWS Options
var awsOptions = Configuration.GetAWSOptions();
services.AddDefaultAWSOptions(awsOptions);
var client = awsOptions.CreateServiceClient<IAmazonDynamoDB>();
var dynamoDbOptions = new DynamoDbOptions();
ConfigurationBinder.Bind(Configuration.GetSection("DynamoDbTables"), dynamoDbOptions);
services.AddScoped<IDynamoDbManager<MyModel>>(provider => new DynamoDbManager<MyModel>(client, dynamoDbOptions.MyModel));
public class DynamoDbManager<T> : DynamoDBContext, IDynamoDbManager<T> where T : class
private DynamoDBOperationConfig _config;
public DynamoDbManager(IAmazonDynamoDB client, string tableName) : base(client)
_config = new DynamoDBOperationConfig()
OverrideTableName = tableName
;
My Appsettings.json is as:
"AWS":
"Region": "us-east-1",
"AwsId": "xxx",
"AwsPassword": "xxx"
,
"DynamoDbTables":
"MyModel": "MyTable"
When I run my code I am getting the error:
AmazonServiceException: Unable to find credentials
Exception 1 of 3:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain. at Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource source) in E:JenkinsWorkspacesv3-trebuchet-releaseAWSDotNetPublicsdksrcCoreAmazon.RuntimeCredentialsFallbackCredentialsFactory.cs:line 72
Exception 2 of 3:
System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Exception 3 of 3:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: The operation timed out
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
I have tried many things but not getting this to work.
I have tried:
Setting up profile as:
Amazon.Runtime.AmazonServiceException: Unable to find credentials
And also tried settingup of environment variables:
https://github.com/aws/aws-sdk-net/issues/499
But still cannot get past this error.
c# amazon-web-services asp.net-core amazon-dynamodb aws-sdk
edited Nov 9 at 16:00
fnascimento
681914
asked Nov 6 at 16:51
aman
4851516
add a comment |
up vote
1
down vote
favorite
I have the following code:
public void ConfigureServices(IServiceCollection services)
// AWS Options
var awsOptions = Configuration.GetAWSOptions();
services.AddDefaultAWSOptions(awsOptions);
var client = awsOptions.CreateServiceClient<IAmazonDynamoDB>();
var dynamoDbOptions = new DynamoDbOptions();
ConfigurationBinder.Bind(Configuration.GetSection("DynamoDbTables"), dynamoDbOptions);
services.AddScoped<IDynamoDbManager<MyModel>>(provider => new DynamoDbManager<MyModel>(client, dynamoDbOptions.MyModel));
public class DynamoDbManager<T> : DynamoDBContext, IDynamoDbManager<T> where T : class
private DynamoDBOperationConfig _config;
public DynamoDbManager(IAmazonDynamoDB client, string tableName) : base(client)
_config = new DynamoDBOperationConfig()
OverrideTableName = tableName
;
My Appsettings.json is as:
"AWS":
"Region": "us-east-1",
"AwsId": "xxx",
"AwsPassword": "xxx"
,
"DynamoDbTables":
"MyModel": "MyTable"
When I run my code I am getting the error:
AmazonServiceException: Unable to find credentials
Exception 1 of 3:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain. at Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource source) in E:JenkinsWorkspacesv3-trebuchet-releaseAWSDotNetPublicsdksrcCoreAmazon.RuntimeCredentialsFallbackCredentialsFactory.cs:line 72
Exception 2 of 3:
System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Exception 3 of 3:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: The operation timed out
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
I have tried many things but not getting this to work.
I have tried:
Setting up profile as:
Amazon.Runtime.AmazonServiceException: Unable to find credentials
And also tried settingup of environment variables:
https://github.com/aws/aws-sdk-net/issues/499
But still cannot get past this error.
c# amazon-web-services asp.net-core amazon-dynamodb aws-sdk
edited Nov 9 at 16:00
fnascimento
681914
asked Nov 6 at 16:51
aman
4851516
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have the following code:
public void ConfigureServices(IServiceCollection services)
// AWS Options
var awsOptions = Configuration.GetAWSOptions();
services.AddDefaultAWSOptions(awsOptions);
var client = awsOptions.CreateServiceClient<IAmazonDynamoDB>();
var dynamoDbOptions = new DynamoDbOptions();
ConfigurationBinder.Bind(Configuration.GetSection("DynamoDbTables"), dynamoDbOptions);
services.AddScoped<IDynamoDbManager<MyModel>>(provider => new DynamoDbManager<MyModel>(client, dynamoDbOptions.MyModel));
public class DynamoDbManager<T> : DynamoDBContext, IDynamoDbManager<T> where T : class
private DynamoDBOperationConfig _config;
public DynamoDbManager(IAmazonDynamoDB client, string tableName) : base(client)
_config = new DynamoDBOperationConfig()
OverrideTableName = tableName
;
My Appsettings.json is as:
"AWS":
"Region": "us-east-1",
"AwsId": "xxx",
"AwsPassword": "xxx"
,
"DynamoDbTables":
"MyModel": "MyTable"
When I run my code I am getting the error:
AmazonServiceException: Unable to find credentials
Exception 1 of 3:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain. at Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource source) in E:JenkinsWorkspacesv3-trebuchet-releaseAWSDotNetPublicsdksrcCoreAmazon.RuntimeCredentialsFallbackCredentialsFactory.cs:line 72
Exception 2 of 3:
System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Exception 3 of 3:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: The operation timed out
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
I have tried many things but not getting this to work.
I have tried:
Setting up profile as:
Amazon.Runtime.AmazonServiceException: Unable to find credentials
And also tried settingup of environment variables:
https://github.com/aws/aws-sdk-net/issues/499
But still cannot get past this error.
c# amazon-web-services asp.net-core amazon-dynamodb aws-sdk
edited Nov 9 at 16:00
fnascimento
681914
asked Nov 6 at 16:51
aman
4851516
I have the following code:
public void ConfigureServices(IServiceCollection services)
// AWS Options
var awsOptions = Configuration.GetAWSOptions();
services.AddDefaultAWSOptions(awsOptions);
var client = awsOptions.CreateServiceClient<IAmazonDynamoDB>();
var dynamoDbOptions = new DynamoDbOptions();
ConfigurationBinder.Bind(Configuration.GetSection("DynamoDbTables"), dynamoDbOptions);
services.AddScoped<IDynamoDbManager<MyModel>>(provider => new DynamoDbManager<MyModel>(client, dynamoDbOptions.MyModel));
public class DynamoDbManager<T> : DynamoDBContext, IDynamoDbManager<T> where T : class
private DynamoDBOperationConfig _config;
public DynamoDbManager(IAmazonDynamoDB client, string tableName) : base(client)
_config = new DynamoDBOperationConfig()
OverrideTableName = tableName
;
My Appsettings.json is as:
"AWS":
"Region": "us-east-1",
"AwsId": "xxx",
"AwsPassword": "xxx"
,
"DynamoDbTables":
"MyModel": "MyTable"
When I run my code I am getting the error:
AmazonServiceException: Unable to find credentials
Exception 1 of 3:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain. at Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource source) in E:JenkinsWorkspacesv3-trebuchet-releaseAWSDotNetPublicsdksrcCoreAmazon.RuntimeCredentialsFallbackCredentialsFactory.cs:line 72
Exception 2 of 3:
System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Exception 3 of 3:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: The operation timed out
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
I have tried many things but not getting this to work.
I have tried:
Setting up profile as:
Amazon.Runtime.AmazonServiceException: Unable to find credentials
And also tried settingup of environment variables:
https://github.com/aws/aws-sdk-net/issues/499
But still cannot get past this error.
c# amazon-web-services asp.net-core amazon-dynamodb aws-sdk
c# amazon-web-services asp.net-core amazon-dynamodb aws-sdk
edited Nov 9 at 16:00
fnascimento
681914
asked Nov 6 at 16:51
aman
4851516
edited Nov 9 at 16:00
fnascimento
681914
asked Nov 6 at 16:51
aman
4851516
edited Nov 9 at 16:00
fnascimento
681914
edited Nov 9 at 16:00
fnascimento
681914
edited Nov 9 at 16:00
fnascimento
681914
681914
asked Nov 6 at 16:51
aman
4851516
asked Nov 6 at 16:51
aman
4851516
asked Nov 6 at 16:51
aman
4851516
4851516
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59
add a comment |
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
accepted
So when we are using AWS SDK we need to setup and provide an AWS access key & a secret key. And from what I have come across it does not read directly from the app settings. So I found below are the two working methods with which you can set these credentials.
Method 1 - Using Credentials file
You can create a credentials file and store your credentials there. Below is the format of the file.
[default]
aws_access_key_id = your id goes here
aws_secret_access_key = your password goes here
In above file, "default" is the name of your profile.
After creating the above file you need to specify the same in Appsettings.json file as:
"AWS":
"Profile": "default",
"ProfilesLocation": "C:\filelocation\awscredentials",
"Region": "us-east-1",
Method 2 - Setting and Reading from Environment Variables
We can setup the environment variables in our startup.cs file as below:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AwsId"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:AwsPassword"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
And read these variables from our appSettings.json file as:
AWS":
"Region": "us-east-1",
"AwsId": "xxxx",
"AwsPassword": "xxxx"
edited Nov 9 at 15:45
jarmod
17.6k53845
answered Nov 9 at 15:15
aman
4851516
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
|
show 1 more comment
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
So when we are using AWS SDK we need to setup and provide an AWS access key & a secret key. And from what I have come across it does not read directly from the app settings. So I found below are the two working methods with which you can set these credentials.
Method 1 - Using Credentials file
You can create a credentials file and store your credentials there. Below is the format of the file.
[default]
aws_access_key_id = your id goes here
aws_secret_access_key = your password goes here
In above file, "default" is the name of your profile.
After creating the above file you need to specify the same in Appsettings.json file as:
"AWS":
"Profile": "default",
"ProfilesLocation": "C:\filelocation\awscredentials",
"Region": "us-east-1",
Method 2 - Setting and Reading from Environment Variables
We can setup the environment variables in our startup.cs file as below:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AwsId"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:AwsPassword"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
And read these variables from our appSettings.json file as:
AWS":
"Region": "us-east-1",
"AwsId": "xxxx",
"AwsPassword": "xxxx"
edited Nov 9 at 15:45
jarmod
17.6k53845
answered Nov 9 at 15:15
aman
4851516
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
|
show 1 more comment
up vote
0
down vote
accepted
So when we are using AWS SDK we need to setup and provide an AWS access key & a secret key. And from what I have come across it does not read directly from the app settings. So I found below are the two working methods with which you can set these credentials.
Method 1 - Using Credentials file
You can create a credentials file and store your credentials there. Below is the format of the file.
[default]
aws_access_key_id = your id goes here
aws_secret_access_key = your password goes here
In above file, "default" is the name of your profile.
After creating the above file you need to specify the same in Appsettings.json file as:
"AWS":
"Profile": "default",
"ProfilesLocation": "C:\filelocation\awscredentials",
"Region": "us-east-1",
Method 2 - Setting and Reading from Environment Variables
We can setup the environment variables in our startup.cs file as below:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AwsId"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:AwsPassword"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
And read these variables from our appSettings.json file as:
AWS":
"Region": "us-east-1",
"AwsId": "xxxx",
"AwsPassword": "xxxx"
edited Nov 9 at 15:45
jarmod
17.6k53845
answered Nov 9 at 15:15
aman
4851516
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
|
show 1 more comment
up vote
0
down vote
accepted
up vote
0
down vote
accepted
So when we are using AWS SDK we need to setup and provide an AWS access key & a secret key. And from what I have come across it does not read directly from the app settings. So I found below are the two working methods with which you can set these credentials.
Method 1 - Using Credentials file
You can create a credentials file and store your credentials there. Below is the format of the file.
[default]
aws_access_key_id = your id goes here
aws_secret_access_key = your password goes here
In above file, "default" is the name of your profile.
After creating the above file you need to specify the same in Appsettings.json file as:
"AWS":
"Profile": "default",
"ProfilesLocation": "C:\filelocation\awscredentials",
"Region": "us-east-1",
Method 2 - Setting and Reading from Environment Variables
We can setup the environment variables in our startup.cs file as below:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AwsId"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:AwsPassword"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
And read these variables from our appSettings.json file as:
AWS":
"Region": "us-east-1",
"AwsId": "xxxx",
"AwsPassword": "xxxx"
edited Nov 9 at 15:45
jarmod
17.6k53845
answered Nov 9 at 15:15
aman
4851516
So when we are using AWS SDK we need to setup and provide an AWS access key & a secret key. And from what I have come across it does not read directly from the app settings. So I found below are the two working methods with which you can set these credentials.
Method 1 - Using Credentials file
You can create a credentials file and store your credentials there. Below is the format of the file.
[default]
aws_access_key_id = your id goes here
aws_secret_access_key = your password goes here
In above file, "default" is the name of your profile.
After creating the above file you need to specify the same in Appsettings.json file as:
"AWS":
"Profile": "default",
"ProfilesLocation": "C:\filelocation\awscredentials",
"Region": "us-east-1",
Method 2 - Setting and Reading from Environment Variables
We can setup the environment variables in our startup.cs file as below:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AwsId"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:AwsPassword"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
And read these variables from our appSettings.json file as:
AWS":
"Region": "us-east-1",
"AwsId": "xxxx",
"AwsPassword": "xxxx"
edited Nov 9 at 15:45
jarmod
17.6k53845
answered Nov 9 at 15:15
aman
4851516
edited Nov 9 at 15:45
jarmod
17.6k53845
edited Nov 9 at 15:45
jarmod
17.6k53845
edited Nov 9 at 15:45
jarmod
17.6k53845
17.6k53845
answered Nov 9 at 15:15
aman
4851516
answered Nov 9 at 15:15
aman
4851516
answered Nov 9 at 15:15
aman
4851516
4851516
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
|
show 1 more comment
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
I'm not sure where the idea of using AwsId and AwsPassword came from (they're not documented as viable options) but there are numerous documented ways to provide credentials. Your method #1 is appropriate for local developer machines. Note that you don't need to supply ProfilesLocation if you store your credentials file in the default location (.aws/ under your home directory), and you should store your credentials file there (in preference to other locations) because it provides other advantages (all other AWS tools and SDKs will be able to seamlessly retrieve credentials).
– jarmod
Nov 9 at 16:00
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
@jarmod Thats correct I should have used AccessKey And SecretKey instead. I dont remember where but I have seen both Id and password so I had used it here. We have the appsettings key values being updated dynamically when in uat and production environment so yes we are not using Method 1, have been using Method 2 for that.
– aman
Nov 9 at 16:05
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
You can't provide credentials to the SDK directly in appsettings.json, no matter what you call them (AwsId or AccessKey, for example). You can only supply a profile name (and optional location) and that relates to credentials stored in ~/.aws/credentials. When it comes to UAT and production, assuming this is deployed on EC2 or ECS, why are you supplying credentials like this in the first place? You should be using IAM roles and instance profiles.
– jarmod
Nov 9 at 16:10
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
I understood that we cannot provide these directly in appsettings. What I mean was calling them by what AWS calls them which is AccessKey And SecretKey. I am not aware of using IAM roles and instance profiles for this have to read on that. Also as I mentioned we are using Octopus deploy where we define all application variables ie key pair values. We define UAT & Prod variables here.
– aman
Nov 9 at 16:30
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
You can succeed using IAM user credentials via environment variables but there are some downsides. One issue is that the credentials are long-lived. It's generally better to launch your compute resource with a minimal IAM role. The apps on that instance can then retrieve credentials automatically via the AWS SDK you're using and the credentials are temporary and auto-rotated. That's a better security practice.Octopus will almost certainly support IAM roles (and instance profiles) -- they're fundamental to the platform. Good luck with your project.
– jarmod
Nov 9 at 19:39
|
show 1 more comment
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53176420%2fnet-core-2-0-amazonserviceexception-unable-to-find-credentials%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Have you tried using debugger or add some Console.WriteLine statements to prove that you are getting you settings correctly? For example, should Configuration.GetSection("DynamoDbTables") be awsOptions.something?
– NealWalters
Nov 8 at 14:59