コード例 #1
ファイル: AssumeRole.cs プロジェクト: Geeksltd/Olive
        /// <summary>
        /// Calls STS AssumeRole for <c>RoleArn</c> and, when the response reports HTTP 200,
        /// records the renewal time and puts the returned credentials at the front of the
        /// SDK's fallback credential generators.
        /// </summary>
        /// <remarks>
        /// NOTE(review): ExternalId and RoleSessionName are the same fixed literal for every
        /// caller. A constant external ID does not tell callers apart in the role's trust
        /// policy, and a shared session name means audit records cannot tell one pod from
        /// another. Confirm that neither value is relied on for access control or attribution.
        /// </remarks>
        static async Task Renew()
        {
            var assumeRole = new AssumeRoleRequest
            {
                RoleArn = RoleArn,
                ExternalId = "Pod",
                RoleSessionName = "Pod"
            };

            try
            {
                var result = await TokenService.AssumeRoleAsync(assumeRole);
                var status = result.HttpStatusCode;

                Log.Debug("AssumeRole response code: " + status);

                // Any status other than 200 leaves LastRenewedUtc and the generator list
                // untouched; only the debug line above records it.
                if (status != System.Net.HttpStatusCode.OK)
                {
                    return;
                }

                LastRenewedUtc = LocalTime.UtcNow;

                // Reset first, then insert at index 0, so the assumed-role credentials are the
                // first generator in the list afterwards.
                FallbackCredentialsFactory.Reset();
                FallbackCredentialsFactory.CredentialsGenerators.Insert(0, () => result.Credentials);
            }
            catch (Exception ex)
            {
                // Log and rethrow with the original stack trace; the caller decides what to do.
                Log.Error(ex, "Submitting Assume Role request failed.");
                throw;
            }
        }
コード例 #2
            /// <summary>
            /// Points the credentials, region and endpoint-discovery fallback factories at a
            /// temporary shared credentials file and overrides two AWS environment variables,
            /// keeping the previous values in the original* fields.
            /// </summary>
            /// <param name="sharedCredsFileContent">Content passed to the shared credentials file fixture.</param>
            /// <param name="awsProfileValue">Value written to the AWS profile environment variable.</param>
            /// <param name="enableEndpointDiscoveryValue">Value written to the endpoint-discovery environment variable; defaults to null.</param>
            /// <remarks>
            /// Environment variables and the factories' static members are process-wide, so this
            /// fixture changes state that other code in the same process also sees.
            /// </remarks>
            public FallbackFactoryTestFixture(string sharedCredsFileContent, string awsProfileValue, string enableEndpointDiscoveryValue = null)
            {
                sharedFixture = new SharedCredentialsFileTestFixture(sharedCredsFileContent);
                netSdkFixture = new NetSDKCredentialsFileTestFixture();

                // For each factory: the two-argument Invoke result is kept as the "original" chain and
                // the three-argument call passes a chain built on the fixture's file.
                // NOTE(review): presumably these read and replace a private static member via reflection - confirm in ReflectionHelpers.
                originalCredsChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalRegionChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalEndpointDiscoveryEnabledChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                // Save each environment variable before overwriting it.
                originalAWSProfileValue = Environment.GetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE);
                Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, awsProfileValue);

                originalAWSEnableEndpointDiscoveryValue = Environment.GetEnvironmentVariable(AWS_ENABLE_ENDPOINT_DISCOVERY_ENVIRONMENT_VARIABLE);
                Environment.SetEnvironmentVariable(AWS_ENABLE_ENDPOINT_DISCOVERY_ENVIRONMENT_VARIABLE, enableEndpointDiscoveryValue);

                // reset before use to ensure the new credentialProfileChains are used.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
                FallbackEndpointDiscoveryEnabledFactory.Reset();
            }
コード例 #3
ファイル: RuntimeIdentity.cs プロジェクト: spspaner/Olive
        /// <summary>
        /// Requests a 12-hour AssumeRole session for <c>RoleArn</c> through a short-lived STS
        /// client and puts the returned credentials at the front of the SDK's fallback
        /// credential generators.
        /// </summary>
        /// <remarks>
        /// The HTTP status code is logged but not checked before the credentials are installed.
        /// NOTE(review): the parameterless client takes its own credentials from the SDK's
        /// default lookup. If Renew runs again after the insert below, that lookup presumably
        /// returns the previously assumed credentials, and AWS limits such chained sessions to
        /// one hour, so verify how the 12-hour DurationSeconds behaves on renewal.
        /// NOTE(review): ExternalId and RoleSessionName are fixed literals shared by every
        /// caller; confirm the trust policy and audit trail do not depend on them.
        /// </remarks>
        static async Task Renew()
        {
            Log.Info("Requesting AssumeRole: " + RoleArn + "...");

            var sessionSeconds = (int)12.Hours().TotalSeconds;
            var assumeRole = new AssumeRoleRequest
            {
                RoleArn = RoleArn,
                DurationSeconds = sessionSeconds,
                ExternalId = "Pod",
                RoleSessionName = "Pod"
            };

            try
            {
                using (var sts = new AmazonSecurityTokenServiceClient())
                {
                    var result = await sts.AssumeRoleAsync(assumeRole);
                    var status = result.HttpStatusCode;

                    Log.Debug("AssumeRole response code: " + status);

                    // Capture the credentials object itself so the generator keeps working
                    // after the client has been disposed.
                    var assumed = result.Credentials;

                    FallbackCredentialsFactory.Reset();
                    FallbackCredentialsFactory.CredentialsGenerators.Insert(0, () => assumed);

                    Log.Debug("Obtained assume role credentials.");
                }
            }
            catch (Exception ex)
            {
                // Log and rethrow with the original stack trace.
                Log.Error(ex, "Submitting Assume Role request failed.");
                throw;
            }
        }
コード例 #4
ファイル: RuntimeIdentity.cs プロジェクト: tohfe/Olive
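        /// <summary>
        /// Requests a 12-hour AssumeRole session for <c>RoleArn</c> and puts the returned
        /// credentials at the front of the SDK's fallback credential generators, logging a
        /// suffix of the access key id for traceability.
        /// </summary>
        /// <remarks>
        /// The HTTP status code is logged but not checked before the credentials are installed.
        /// Only the access key id suffix is written to the log; the secret key and session
        /// token are never logged, and the log lines should stay that way.
        /// NOTE(review): ExternalId and RoleSessionName are fixed literals shared by every
        /// caller; confirm the trust policy and audit trail do not depend on them.
        /// </remarks>
        static async Task Renew()
        {
            Log.Info("Requesting AssumeRole: " + RoleArn + "...");

            var request = new AssumeRoleRequest
            {
                RoleArn         = RoleArn,
                DurationSeconds = (int)12.Hours().TotalSeconds,
                ExternalId      = "Pod",
                RoleSessionName = "Pod"
            };

            try
            {
                var response = await TokenServiceClient.AssumeRoleAsync(request);

                Log.Debug("AssumeRole response code: " + response.HttpStatusCode);
                var credentials = response.Credentials;

                // Substring(20) throws ArgumentOutOfRangeException for an id shorter than 20
                // characters, and a null id throws as well. Compute the suffix once, guarded,
                // so a log statement can never make the credentials generator (or this
                // method) fail. Output is unchanged for ids of 20 characters or more.
                var keyId = credentials.AccessKeyId ?? string.Empty;
                var keySuffix = keyId.Length > 20 ? keyId.Substring(20) : string.Empty;

                FallbackCredentialsFactory.Reset();
                FallbackCredentialsFactory.CredentialsGenerators.Insert(0, () =>
                {
                    Log.Debug("Generating credentials => " + keySuffix + " of total : " + FallbackCredentialsFactory.CredentialsGenerators.Count);
                    return credentials;
                });

                Log.Debug("Obtained assume role credentials." + keySuffix);
            }
            catch (Exception ex)
            {
                // Log and rethrow with the original stack trace.
                Log.Error(ex, "Submitting Assume Role request failed.");
                throw;
            }
        }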
コード例 #5
            /// <summary>
            /// Writes back the values held in the original* fields (environment variables,
            /// AWSConfigs profile settings and the four credential-profile chains), disposes
            /// the two credential-file fixtures and resets the four fallback factories.
            /// </summary>
            public void Dispose()
            {
                // Environment variables are process-wide; a null saved value removes the variable.
                foreach (var saved in originalEnvironmentVariables)
                {
                    Environment.SetEnvironmentVariable(saved.Key, saved.Value);
                }

                Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, originalAWSProfileValue);

                AWSConfigs.AWSProfileName = originalAwsconfigAwsProfileName;
                AWSConfigs.AWSProfilesLocation = originalAwsconfigAwsProfilesLocation;

                // Hand the saved chains back to each factory (the configuration factory's
                // member is named with a leading underscore).
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", originalRegionChain);
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", originalCredsChain);
                ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain", originalEndpointDiscoveryEnabledChain);
                ReflectionHelpers.Invoke(typeof(FallbackInternalConfigurationFactory), "_credentialProfileChain", originalConfigurationChain);

                netSdkFixture.Dispose();
                sharedFixture.Dispose();

                // Reset last, after the chains and variables are back in place.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
                FallbackEndpointDiscoveryEnabledFactory.Reset();
                FallbackInternalConfigurationFactory.Reset();
            }
コード例 #6
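            /// <summary>
            /// Points the four fallback factories at a temporary shared credentials file and
            /// applies the requested profile and environment-variable overrides, keeping every
            /// previous value in the original* fields.
            /// </summary>
            /// <param name="sharedCredsFileContent">Content passed to the shared credentials file fixture.</param>
            /// <param name="awsProfileValue">Profile name, applied through the environment variable or through AWSConfigs.</param>
            /// <param name="newEnvironmentVariables">Extra environment variables to set; may be null.</param>
            /// <param name="setAwsConfigsProfileValue">
            /// When true the profile is set on AWSConfigs (with the fixture file as the profiles
            /// location) instead of through the environment variable.
            /// </param>
            /// <remarks>
            /// Environment variables, AWSConfigs and the factories' static members are
            /// process-wide, so this fixture changes state that other code in the same process
            /// also sees.
            /// </remarks>
            public FallbackFactoryTestFixture(string sharedCredsFileContent, string awsProfileValue, Dictionary<string, string> newEnvironmentVariables = null, bool setAwsConfigsProfileValue = false)
            {
                sharedFixture = new SharedCredentialsFileTestFixture(sharedCredsFileContent);
                netSdkFixture = new NetSDKCredentialsFileTestFixture();

                // For each factory: keep the current chain, then pass in one built on the fixture's file.
                originalCredsChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalRegionChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalEndpointDiscoveryEnabledChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalConfigurationChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackInternalConfigurationFactory), "_credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackInternalConfigurationFactory), "_credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                // The original profile variable is always saved, but only overwritten when the
                // profile is not being supplied through AWSConfigs.
                originalAWSProfileValue = Environment.GetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE);
                if (!setAwsConfigsProfileValue)
                {
                    Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, awsProfileValue);
                }

                if (newEnvironmentVariables != null)
                {
                    foreach (var envVariable in newEnvironmentVariables)
                    {
                        // Remember the previous value (possibly null) before overriding it.
                        var originalValue = Environment.GetEnvironmentVariable(envVariable.Key);
                        Environment.SetEnvironmentVariable(envVariable.Key, envVariable.Value);
                        originalEnvironmentVariables.Add(envVariable.Key, originalValue);
                    }
                }

                originalAwsconfigAwsProfileName      = AWSConfigs.AWSProfileName;
                originalAwsconfigAwsProfilesLocation = AWSConfigs.AWSProfilesLocation;
                if (setAwsConfigsProfileValue)
                {
                    AWSConfigs.AWSProfileName      = awsProfileValue;
                    AWSConfigs.AWSProfilesLocation = sharedFixture.CredentialsFilePath;
                }

                try
                {
                    // reset before use to ensure the new credentialProfileChains are used.
                    FallbackCredentialsFactory.Reset();
                    FallbackRegionFactory.Reset();
                    FallbackEndpointDiscoveryEnabledFactory.Reset();
                    FallbackInternalConfigurationFactory.Reset();
                }
                catch (Exception)
                {
                    // If any exception happens during the initial resets, perhaps due to invalid
                    // config, dispose right away to get back to the initial configuration; a
                    // constructor that throws never hands out an instance for the caller to dispose.
                    Dispose();

                    // Bare rethrow keeps the original stack trace ("throw ex;" would discard it).
                    throw;
                }
            }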
コード例 #7
ファイル: AWSExtensions.cs プロジェクト: behrangmohseni/Olive
 /// <summary>
 /// Use this if you want to temporarily simulate production environment access for debugging.
 /// The accessKey and secret are usually that of a root admin user.
 /// </summary>
 /// <param name="this">Configuration on which LoadAwsSecrets is called when requested.</param>
 /// <param name="accessKey">Access key id for the static credentials.</param>
 /// <param name="secret">Secret key for the static credentials.</param>
 /// <param name="loadSecrets">When true, LoadAwsSecrets is called after the credentials are installed.</param>
 /// <remarks>
 /// The key pair becomes the first credentials generator for the whole process and stays
 /// captured by the generator delegate, and the region is fixed to EUWest1.
 /// NOTE(review): because the summary expects highly privileged long-lived keys here,
 /// confirm this is only reachable in debug builds and that the values never come from
 /// source control. A scoped, short-lived identity would narrow what a leaked key can do.
 /// </remarks>
 public static void LoadAwsDevIdentity(this IConfiguration @this, string accessKey, string secret, bool loadSecrets)
 {
     AWSConfigs.RegionEndpoint = RegionEndpoint.EUWest1;

     // Reset first, then insert at index 0, so the static keys are the first generator.
     FallbackCredentialsFactory.Reset();
     FallbackCredentialsFactory.CredentialsGenerator devKeys = () => new BasicAWSCredentials(accessKey, secret);
     FallbackCredentialsFactory.CredentialsGenerators.Insert(0, devKeys);

     if (!loadSecrets)
     {
         return;
     }

     @this.LoadAwsSecrets();
 }
コード例 #8
ファイル: AWSExtensions.cs プロジェクト: spspaner/Olive
        /// <summary>
        /// Installs static AWS credentials read from the configuration keys
        /// "Aws:Credentials:AccessKey" and "Aws:Credentials:Secret" as the first credentials
        /// generator, and fixes the region to EUWest1.
        /// </summary>
        /// <param name="this">Configuration the two credential values are read from.</param>
        /// <remarks>
        /// NOTE(review): neither value is checked before the generator is installed, so a
        /// missing key is only noticed when the SDK first asks for credentials. Confirm how
        /// BasicAWSCredentials treats null or empty arguments.
        /// NOTE(review): the secret comes from application configuration; confirm that the
        /// source is a protected store rather than a settings file kept in source control.
        /// </remarks>
        public static void LoadAwsDevIdentity(this IConfiguration @this)
        {
            AWSConfigs.RegionEndpoint = RegionEndpoint.EUWest1;
            FallbackCredentialsFactory.Reset();

            var configuredKey = @this["Aws:Credentials:AccessKey"];
            var configuredSecret = @this["Aws:Credentials:Secret"];

            // Index 0 puts the static key pair ahead of every generator left after Reset().
            FallbackCredentialsFactory.CredentialsGenerator fromConfig =
                () => new BasicAWSCredentials(configuredKey, configuredSecret);
            FallbackCredentialsFactory.CredentialsGenerators.Insert(0, fromConfig);
        }
コード例 #9
        /// <summary>
        /// Writes every saved environment variable back and resets the credentials, region and
        /// endpoint-discovery fallback factories.
        /// </summary>
        public void Dispose()
        {
            // Environment variables are process-wide; a null saved value removes the variable.
            foreach (KeyValuePair<string, string> saved in originalEnvironmentVariables)
            {
                var name = saved.Key;
                var previous = saved.Value;
                Environment.SetEnvironmentVariable(name, previous);
            }

            // Reset after the environment is restored.
            FallbackCredentialsFactory.Reset();
            FallbackRegionFactory.Reset();
            FallbackEndpointDiscoveryEnabledFactory.Reset();
        }
コード例 #10
        /// <summary>
        /// Saves the current credentials generator list, then replaces it with a single
        /// generator that returns <c>BasicCredentials</c> and sets the SDK region from
        /// <c>AWSRegion.SystemName</c>.
        /// </summary>
        /// <remarks>
        /// The generator list and the region are static SDK settings, so the change is visible
        /// to every client created in the process until the saved list is put back.
        /// </remarks>
        public void Initialize()
        {
            // Keep the list reference that is current before Reset() runs.
            originalFallbackList = FallbackCredentialsFactory.CredentialsGenerators;

            FallbackCredentialsFactory.Reset();

            var basicOnly = new List<FallbackCredentialsFactory.CredentialsGenerator>
            {
                () => BasicCredentials
            };
            FallbackCredentialsFactory.CredentialsGenerators = basicOnly;

            AWSConfigs.AWSRegion = AWSRegion.SystemName;
        }
コード例 #11
            /// <summary>
            /// Writes the saved AWS profile environment variable and the saved region and
            /// credentials chains back, disposes the two credential-file fixtures and resets
            /// both fallback factories.
            /// </summary>
            public void Dispose()
            {
                // Written unconditionally; a null saved value removes the variable.
                // NOTE(review): if the matching constructor only saves the original value in some cases, this could clear a variable it never changed - confirm.
                Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, originalAWSProfileValue);

                // Hand the saved chains back to the factories.
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", originalRegionChain);
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", originalCredsChain);

                netSdkFixture.Dispose();
                sharedFixture.Dispose();

                // Reset last, after the chains and the variable are back in place.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
            }
コード例 #12
        /// <summary>
        /// Applies the given environment-variable overrides, remembering each previous value,
        /// and resets the credentials, region and endpoint-discovery fallback factories.
        /// </summary>
        /// <param name="newEnvironmentVariables">Variables to set for the lifetime of the fixture; may be null.</param>
        /// <remarks>
        /// Environment variables are process-wide, so the overrides are visible to all code in
        /// the process while the fixture is alive.
        /// </remarks>
        public FallbackFactoryTestFixture(Dictionary<string, string> newEnvironmentVariables = null)
        {
            if (newEnvironmentVariables != null)
            {
                foreach (KeyValuePair<string, string> overrideEntry in newEnvironmentVariables)
                {
                    var name = overrideEntry.Key;

                    // Read the previous value (possibly null) before overwriting it.
                    var previous = Environment.GetEnvironmentVariable(name);
                    Environment.SetEnvironmentVariable(name, overrideEntry.Value);
                    originalEnvironmentVariables.Add(name, previous);
                }
            }

            // reset before use to ensure the new credentialProfileChains are used.
            FallbackCredentialsFactory.Reset();
            FallbackRegionFactory.Reset();
            FallbackEndpointDiscoveryEnabledFactory.Reset();
        }
コード例 #13
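        /// <summary>
        /// Use this if you want to have AWS calls made under a user.
        /// </summary>
        /// <param name="this">Configuration on which LoadAwsSecrets is called when requested.</param>
        /// <param name="accessKey">Access key id; when it or <paramref name="secret"/> has no value the default identity is kept.</param>
        /// <param name="secret">Secret key paired with <paramref name="accessKey"/>.</param>
        /// <param name="endpoint">Region assigned to AWSConfigs.RegionEndpoint.</param>
        /// <param name="loadSecrets">When true, LoadAwsSecrets is called at the end.</param>
        /// <remarks>
        /// When both values are present they become the first credentials generator for the
        /// whole process. When either is missing the generator list is left alone and a
        /// warning is logged; the warning names only the configuration path, never the values.
        /// </remarks>
        public static void LoadAwsDevIdentity(this IConfiguration @this, string accessKey, string secret, RegionEndpoint endpoint, bool loadSecrets)
        {
            AWSConfigs.RegionEndpoint = endpoint;

            if (accessKey.HasValue() && secret.HasValue())
            {
                // Reset first, then insert at index 0, so the static keys are the first generator.
                FallbackCredentialsFactory.Reset();
                FallbackCredentialsFactory.CredentialsGenerators.Insert(0, () => new BasicAWSCredentials(accessKey, secret));
            }
            else
            {
                // The two literals are concatenated, so the first needs a trailing space;
                // without it the message read "...underAws { ...".
                Log.For(typeof(AWSExtensions))
                .Warning("Using the machine default AWS Role since there is no secret in appSettings under " +
                         "Aws { Credentials { AccessKey: ... , Secret: ... } }");
            }

            if (loadSecrets)
            {
                @this.LoadAwsSecrets();
            }
        }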
コード例 #14
            /// <summary>
            /// Writes back the values held in the original* fields (environment variables and
            /// the three credential-profile chains), disposes the two credential-file fixtures
            /// and resets the three fallback factories.
            /// </summary>
            public void Dispose()
            {
                // Environment variables are process-wide; a null saved value removes the variable.
                foreach (var saved in originalEnvironmentVariables)
                {
                    Environment.SetEnvironmentVariable(saved.Key, saved.Value);
                }

                Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, originalAWSProfileValue);
                Environment.SetEnvironmentVariable(AWS_ENABLE_ENDPOINT_DISCOVERY_ENVIRONMENT_VARIABLE, originalAWSEnableEndpointDiscoveryValue);

                // Hand the saved chains back to each factory.
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", originalRegionChain);
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", originalCredsChain);
                ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain", originalEndpointDiscoveryEnabledChain);

                netSdkFixture.Dispose();
                sharedFixture.Dispose();

                // Reset last, after the chains and variables are back in place.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
                FallbackEndpointDiscoveryEnabledFactory.Reset();
            }
コード例 #15
            /// <summary>
            /// Points the credentials and region fallback factories at a temporary shared
            /// credentials file and, when a profile value is given, overrides the AWS profile
            /// environment variable.
            /// </summary>
            /// <param name="sharedCredsFileContent">Content passed to the shared credentials file fixture.</param>
            /// <param name="awsProfileValue">Profile name to set; when null the environment variable is neither read nor changed.</param>
            /// <remarks>
            /// Environment variables and the factories' static members are process-wide, so this
            /// fixture changes state that other code in the same process also sees.
            /// </remarks>
            public FallbackFactoryTestFixture(string sharedCredsFileContent, string awsProfileValue)
            {
                sharedFixture = new SharedCredentialsFileTestFixture(sharedCredsFileContent);
                netSdkFixture = new NetSDKCredentialsFileTestFixture();

                // For each factory: keep the current chain, then pass in one built on the fixture's file.
                originalCredsChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalRegionChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                // originalAWSProfileValue is only captured on this branch; teardown code has to
                // check testAWSProfileValue before writing it back.
                testAWSProfileValue = awsProfileValue;
                if (testAWSProfileValue != null)
                {
                    originalAWSProfileValue = Environment.GetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE);
                    Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, testAWSProfileValue);
                }

                // reset before use to ensure the new credentialProfileChains are used.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
            }
コード例 #16
            /// <summary>
            /// Points the four fallback factories at a temporary shared credentials file, sets the
            /// AWS profile environment variable and any extra environment variables, and keeps
            /// every previous value in the original* fields.
            /// </summary>
            /// <param name="sharedCredsFileContent">Content passed to the shared credentials file fixture.</param>
            /// <param name="awsProfileValue">Value written to the AWS profile environment variable.</param>
            /// <param name="newEnvironmentVariables">Extra environment variables to set; may be null.</param>
            /// <remarks>
            /// Environment variables and the factories' static members are process-wide, so this
            /// fixture changes state that other code in the same process also sees.
            /// NOTE(review): the final resets are not guarded, so if one of them throws, the
            /// overrides above stay in place because no instance is returned for the caller to dispose.
            /// </remarks>
            public FallbackFactoryTestFixture(string sharedCredsFileContent, string awsProfileValue, Dictionary <string, string> newEnvironmentVariables = null)
            {
                sharedFixture = new SharedCredentialsFileTestFixture(sharedCredsFileContent);
                netSdkFixture = new NetSDKCredentialsFileTestFixture();

                // For each factory: keep the current chain, then pass in one built on the fixture's file.
                originalCredsChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackCredentialsFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalRegionChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackRegionFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                originalEndpointDiscoveryEnabledChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackEndpointDiscoveryEnabledFactory), "credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                // The configuration factory's member is named with a leading underscore.
                originalConfigurationChain = (CredentialProfileStoreChain)ReflectionHelpers.Invoke(typeof(FallbackInternalConfigurationFactory), "_credentialProfileChain");
                ReflectionHelpers.Invoke(typeof(FallbackInternalConfigurationFactory), "_credentialProfileChain", new CredentialProfileStoreChain(sharedFixture.CredentialsFilePath));

                // Save the profile variable before overwriting it.
                originalAWSProfileValue = Environment.GetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE);
                Environment.SetEnvironmentVariable(AWS_PROFILE_ENVIRONMENT_VARIABLE, awsProfileValue);

                if (newEnvironmentVariables != null)
                {
                    foreach (var envVariable in newEnvironmentVariables)
                    {
                        // Remember the previous value (possibly null) before overriding it.
                        var originalValue = Environment.GetEnvironmentVariable(envVariable.Key);
                        Environment.SetEnvironmentVariable(envVariable.Key, envVariable.Value);
                        originalEnvironmentVariables.Add(envVariable.Key, originalValue);
                    }
                }

                // reset before use to ensure the new credentialProfileChains are used.
                FallbackCredentialsFactory.Reset();
                FallbackRegionFactory.Reset();
                FallbackEndpointDiscoveryEnabledFactory.Reset();
                FallbackInternalConfigurationFactory.Reset();
            }
コード例 #17
 /// <summary>
 /// Resets the credentials factory and then assigns the generator list held in
 /// <c>originalFallbackList</c> back to it.
 /// </summary>
 public void Cleanup()
 {
     // Reset() runs first, so the assignment below decides which list is in effect afterwards.
     FallbackCredentialsFactory.Reset();
     FallbackCredentialsFactory.CredentialsGenerators = originalFallbackList;
 }