private static AWSCredentials GetCredential(string profileName)
{
var netSDK = new NetSDKCredentialsFile();
if (netSDK.TryGetProfile(profileName, out CredentialProfile profile) && AWSCredentialsFactory.TryGetAWSCredentials(profile, netSDK, out AWSCredentials credentials))
{
return(credentials);
}
throw new NullReferenceException($"{nameof(profileName)} not found from exsiting profile list. Make sure you have set Profile");
}
public CredentialProfile GetAwsProfile(string profileName)
{
var credentialFile = new NetSDKCredentialsFile();
CredentialProfile profile;
if (!credentialFile.TryGetProfile(profileName, out profile))
{
return(null);
}
return(profile);
}
private static void EnsureAwsCredentials()
{
// http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html
var credentialsFile = new NetSDKCredentialsFile();
if (!credentialsFile.TryGetProfile(_defaultProfile, out var _))
{
RegisterProfileFromUser(credentialsFile);
}
}
public static void MigrateProfile()
{
// Credential profile used to be stored in .net sdk credentials store.
// Shared credentials file is more modern. Migrate old profile if needed.
// Shows good form for profile management
CredentialProfile profile;
var scf = new SharedCredentialsFile();
if (!scf.TryGetProfile(profileName, out _))
{
var nscf = new NetSDKCredentialsFile();
if (nscf.TryGetProfile(profileName, out profile))
{
scf.RegisterProfile(profile);
nscf.UnregisterProfile(profileName);
}
}
}
private AWSCredentials GetCredentials()
{
const string profileName = "example_profile";
const string endpointName = profileName + "_endpoint";
const string samlEndpointUrl = "https://<adfs host>/adfs/ls/IdpInitiatedSignOn.aspx?loginToRp=urn:amazon:webservices";
//Create and register our saml endpoint that will be used by our profile
var endpoint = new SAMLEndpoint(
endpointName,
new Uri(samlEndpointUrl),
SAMLAuthenticationType.Negotiate);
var endpointManager = new SAMLEndpointManager();
endpointManager.RegisterEndpoint(endpoint);
//Use the default credential file. This could be substituted for a targeted file.
var netSdkFile = new NetSDKCredentialsFile();
CredentialProfile profile;
//See if we already have the profile and create it if not
if (netSdkFile.TryGetProfile(profileName, out profile).Equals(false))
{
var profileOptions = new CredentialProfileOptions
{
EndpointName = endpointName,
//This was kind of confusing as the AWS documentation did not say that this was
//a comma separated string combining the principle ARN (the ARN of the identity provider)
//and the ARN of the role. The documentation only shows that it's the ARN of the role.
RoleArn = principleArn + "," + roleArn
};
profile = new CredentialProfile(profileName, profileOptions);
profile.Region = RegionEndpoint.USEast1;
//Store the profile
netSdkFile.RegisterProfile(profile);
}
return(AWSCredentialsFactory.GetAWSCredentials(profile, netSdkFile));
}
private static AmazonDynamoDBClient GetAwsClient()
{
CredentialProfile profile;
AWSCredentials awsCredentials;
var file = new NetSDKCredentialsFile();
if (!file.TryGetProfile(Application.AwsProfile, out profile))
{
return(null);
}
if (!AWSCredentialsFactory.TryGetAWSCredentials(profile, file, out awsCredentials))
{
return(null);
}
AmazonDynamoDBConfig config = new AmazonDynamoDBConfig();
config.RegionEndpoint = Application.AwsRegion;
return(new AmazonDynamoDBClient(awsCredentials, config));
}
