/// <summary>
/// Attempts to read the settings of type <typeparamref name="T"/> stored under a named
/// profile in the SDK account store.
/// </summary>
/// <typeparam name="T">
/// The profile type to load. Only AWSCredentialsProfile and SAMLRoleProfile are handled;
/// any other type is treated as a load failure.
/// </typeparam>
/// <param name="profileName">The name of the profile holding the settings.</param>
/// <param name="profile">
/// Receives the loaded profile data, or null when nothing could be loaded.
/// </param>
/// <returns>
/// True when a profile of the requested type was loaded; otherwise false. False is
/// returned for every failure (unknown profile, missing/invalid data, unrecognized
/// profile type): the exception is logged, not rethrown, so callers cannot tell these
/// cases apart from the return value alone.
/// </returns>
/// <remarks>
/// Currently supported profile types: AWSCredentialsProfile and SAMLRoleProfile.
/// </remarks>
public static bool TryGetProfile<T>(string profileName, out T profile) where T : ProfileSettingsBase
{
    profile = null;
    var requestedType = typeof(T);

    try
    {
        if (requestedType == typeof(AWSCredentialsProfile))
        {
            profile = AWSCredentialsProfile.LoadFrom(profileName) as T;
        }
        else
        {
            // Thrown inside the try on purpose: the unsupported-type case is reported
            // through the same logging path as any other load failure.
            if (requestedType != typeof(SAMLRoleProfile))
            {
                throw new ArgumentException("Unrecognized profile type parameter", (requestedType.FullName));
            }

            profile = SAMLRoleProfile.LoadFrom(profileName) as T;
        }
    }
    catch (Exception loadError)
    {
        // NOTE(review): the full exception is written to the log together with the profile
        // name; confirm that LoadFrom failures never carry credential material in their
        // messages before these logs are shipped off-host.
        var log = Logger.GetLogger(typeof(ProfileManager));
        log.Error(loadError, "Unable to load profile {0}, unknown profile, missing/invalid data or unrecognized profile type.", profileName);
    }

    return profile != null;
}
/// <summary>
/// <para>
/// Stores a role-based profile for use with SAML authentication. The profile records the
/// role to assume when AWS credentials are requested and the name of a SAML endpoint
/// profile describing the endpoint that authenticates the user.
/// </para>
/// <para>
/// When no user identity is supplied, the identity of the logged-in user is used when
/// authentication is performed against the endpoint referenced in the SAML endpoint
/// profile. When an identity is supplied, no password information is stored in the role
/// profile and the user must supply the password for that identity prior to
/// authentication with the endpoint.
/// </para>
/// </summary>
/// <param name="profileName">Name to be assigned to the profile.</param>
/// <param name="endpointName">
/// The name assigned to the endpoint settings, previously saved with RegisterSAMLEndpoint.
/// </param>
/// <param name="roleArn">
/// The ARN of the role that the user wants to assume when using this profile. This must
/// be one of the set returned by the SAML endpoint when the user authenticates.
/// </param>
/// <param name="userIdentity">
/// Optional. By default the identity of the logged-in user is used when authentication is
/// performed and the user is not prompted for a password. Supplying a custom identity
/// here means the user is prompted for that identity's password prior to authentication.
/// </param>
/// <remarks>
/// This method performs no validation of its own; all four arguments are forwarded
/// unchanged to SAMLRoleProfile.Persist.
/// </remarks>
public static void RegisterSAMLRoleProfile(string profileName, string endpointName, string roleArn, string userIdentity)
{
    // Persistence is delegated entirely to the profile type.
    SAMLRoleProfile.Persist(profileName, endpointName, roleArn, userIdentity);
}
/// <summary>
/// Loads every credential profile registered in the store and returns them together.
/// </summary>
/// <returns>
/// The profiles that could be loaded. A name that matches neither profile kind is left
/// out, and a profile that throws while being probed or loaded is logged and left out,
/// so the result may hold fewer entries than ListProfileNames reports.
/// </returns>
public static IEnumerable<ProfileSettingsBase> ListProfiles()
{
    var loaded = new List<ProfileSettingsBase>();

    foreach (var name in ListProfileNames())
    {
        try
        {
            // SAML role profiles are probed first, matching the original precedence.
            if (SAMLRoleProfile.CanCreateFrom(name))
            {
                loaded.Add(SAMLRoleProfile.LoadFrom(name));
                continue;
            }

            if (AWSCredentialsProfile.CanCreateFrom(name))
            {
                loaded.Add(AWSCredentialsProfile.LoadFrom(name));
            }
        }
        catch (Exception loadError)
        {
            // One unreadable profile must not prevent the remaining ones from being listed.
            Logger.GetLogger(typeof(ProfileManager)).Error(loadError, "Error loading AWS credential or SAML role profile '{0}'", name);
        }
    }

    return loaded;
}