如何在 C# .NET 核心控制台程序中指定 AWS 凭证 [英] How to specify AWS credentials in C# .NET core console program
问题描述
我正在尝试测试 .NET 核心控制台程序以向 SNS 发布消息.由于我在尝试让它在 Lambda 中工作时遇到问题,我想在非 Lambda 环境中尝试它.在 Lambda 中,角色涵盖了安全性,但在控制台程序中,我认为我必须以某种方式指定我的访问密钥和秘密.
I am trying to test a .NET core console program to publish a message to SNS. As I had issues trying to get it to work in Lambda, I want to try it in a non-Lambda environment. In Lambda, security is covered by the role, but in a console program, I presume that I have to specify my access key and secret somehow.
我已阅读此页面:http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html#net-dg-config-creds-sdk-store,但仍然完全困惑.
I've read this page: http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html#net-dg-config-creds-sdk-store, but still totally confused.
我在本地开发计算机上运行,而不是 EC2 实例.无意将其投入生产,只是尝试测试一些代码.
I'm running on my local development computer, not an EC2 instance. No intent to go to production with this, just trying to test some code.
我使用的是 Visual Studio 2015、.NET Core 1.0.我已经使用 Nuget 获得以下信息:"AWSSDK.Extensions.NETCore.Setup": "3.3.3","AWSSDK.SimpleNotificationService": "3.3.0.23",
I'm on Visual Studio 2015, .NET Core 1.0. I've used Nuget to get the following: "AWSSDK.Extensions.NETCore.Setup": "3.3.3", "AWSSDK.SimpleNotificationService": "3.3.0.23",
基于对如何设置凭据的回答NET Core 上的 AWS 开发工具包? 我创建了/user/.aws/credentials 文件(假设凭证是文件名而不是目录名).
Based on the answer to How to set credentials on AWS SDK on NET Core? I created the /user/.aws/credentials file (assuming credentials was the file name and not the directory name).
但是那个问题/答案并没有解决如何实际使用这个文件.我正在运行的代码如下.
But that question/answer doesn't address how to actually use this file. The code I'm running is below.
public static void Main(string[] args)
{
Console.WriteLine("Started");
//var awsCredentials = new Amazon.Runtime.AWSCredentials()
var client = new Amazon.SimpleNotificationService.AmazonSimpleNotificationServiceClient(Amazon.RegionEndpoint.EUWest2);
//var client = new Amazon.SimpleNotificationService.AmazonSimpleNotificationServiceClient(awsCredentials, Amazon.RegionEndpoint.EUWest2);
//Amazon.SimpleNotificationService.Model.PublishResponse publishResp = null;
SendMessage(client).Wait();
Console.WriteLine("Completed call to SendMessage: Press enter to end:");
Console.ReadLine();
}
我在新客户端上遇到的错误是:
The error I'm getting on the new client is:
An unhandled exception of type 'Amazon.Runtime.AmazonServiceException' occurred in AWSSDK.Core.dll
Additional information: Unable to find credentials
我看到有一种方法可以将 AWSCredentials 对象传递给该构造函数,但我不明白如何构建它.Amazon.Runtime.AWSCredentials 是一个抽象类,所以我不能在new"语句中使用它.
I see there is a way to pass an AWSCredentials object to that constructor, but I don't understand how to build it. Amazon.Runtime.AWSCredentials is an abstract class, so I can't use it in a "new" statement.
推荐答案
基于 Dan Pantry 的回答,这里是一个简单的简短回答,代码突出显示(注意第二行中的区域枚举):
Based on Dan Pantry's answer, here is a simple short answer with code highlighted (note the region enum in the second line):
var awsCredentials = new Amazon.Runtime.BasicAWSCredentials("myaccesskey", "mysecretkey");
var client = new Amazon.SimpleNotificationService.AmazonSimpleNotificationServiceClient(
awsCredentials, Amazon.RegionEndpoint.EUWest2);
如果可能,请使用角色,但在需要时使用上述角色.那么问题是访问密钥/秘密密钥存储在哪里;可以是环境变量、配置文件、提示用户或任何常见的嫌疑人.
Use a role if possible, but above works when needed. Then the question is where to store the access key/secret key; could be environment variable, config file, prompt the user, or any of the usual suspects.
AWS-CLI 和 Python 使用来自此处的凭据:c:\Users\username\.aws\credentials,因此 C# 可以读取该文件,以免将代码放入 C#程序本身.但是,每个运行该程序的用户/开发人员都需要在那里设置他们的凭据.
AWS-CLI and Python use credentials from here: c:\Users\username\.aws\credentials, so the C# could just read that file so as not to put the codes in the C# program itself. But then each user/developer that runs the program would need to set their credentials there.
现在也有在本地机器上运行Lambda的概念,不过我还没试过:https://dzone.com/articles/run-aws-lambda-functions-locally-on-windows-machin#:~:text=Step%201%3A%20Download%20SAM%20local,version%20with%20the%20command%20below.&text=Step%203%3A%20Write%20your%20lambda,yaml%20on%20the%20root%20level.所以重点是,如果您打算使用 Lambda,但您需要先在本地进行测试,那么这可能值得一试.
There is also now a concept of running Lambda on your local machine, but I haven't tried it yet: https://dzone.com/articles/run-aws-lambda-functions-locally-on-windows-machin#:~:text=Step%201%3A%20Download%20SAM%20local,version%20with%20the%20command%20below.&text=Step%203%3A%20Write%20your%20lambda,yaml%20on%20the%20root%20level. So the point is that if you are going to do Lambda, but you need to test locally first, this would probably be worth trying.
这篇关于如何在 C# .NET 核心控制台程序中指定 AWS 凭证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
