如何在 .NET AWS SDK 中担任角色
[英]How to assume a role in .NET AWS SDK
问题描述
I'm trying to build a .net core mvc app that allows the user to send data to a dynamodb, but I can't seem to assume the role for permissions to describe my table.
我正在尝试构建一个 .net 核心 mvc 应用程序,该应用程序允许用户将数据发送到 dynamodb,但我似乎无法承担描述我的表的权限角色。 I get the following error every time I try:每次尝试时都会出现以下错误:
Unable to get IAM security credentials from EC2 Instance Metadata Service
First I have my controller (Index is where the user form is submitted):首先我有我的 controller (索引是提交用户表单的位置):
public class RfiController : Controller
{
private readonly IDynamoDBClient capture;
public RfiController(IDynamoDBClient dynamodb)
{
capture = dynamodb;
}
. . .
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Index(ViewModel Model)
{
. . .
///ASSUME THE role
ConfigProvider config = new ConfigProvider();
config.AWSRoleName = "rolename";
config.AWSRegion = "region";
config.Environment = "dev";
capture.DynamoDBClientService(config);
return View(Model);
}
}
}
This calls a library I created to handle my dynamodb connections and stuff.这调用了我创建的一个库来处理我的 dynamodb 连接和东西。 Here is the class:这是 class:
public class DynamoDBClient: IDynamoDBClient
{
private readonly IAmazonDynamoDB _client;
public DynamoDBClient(IAmazonDynamoDB dynamoDBClient)
{
_client = dynamoDBClient;
}
public void DynamoDBClientService(ConfigProvider config)
{
try
{
DescribeTableRequest request = new DescribeTableRequest
{
TableName = "tablename"
};
var result = _client.DescribeTableAsync(request);
var status = result.Result.Table.TableStatus;
}
catch (Exception ex) //I catch and error `Unable to get IAM security credentials from EC2 Instance Metadata Service` here
{
throw ex;
}
}
static AssumeRoleResponse GetAssumeRoleResponseAsync(AmazonSecurityTokenServiceClient client, AssumeRoleRequest request)
{
AssumeRoleResponse response;
try
{
response = client.AssumeRoleAsync(request).Result;
}
catch (Exception ex)
{
throw ex;
}
return response;
}
}
I'm of course using my aws account in a credentials file.我当然在凭证文件中使用我的 aws 帐户。 When I try to run the app, I catch an error where I have specified.当我尝试运行该应用程序时,我在我指定的地方发现了一个错误。 How am i doing this wrong?我怎么做错了? I'm about as new to the aws sdk as one can be, so please forgive me of the answer if obvious.我对 aws sdk 很陌生,所以如果答案很明显,请原谅我。
1 个解决方案
解决方案1
1 已采纳 2020-05-25 14:48:02
It's better if you can create an IAM role and attach it to your instance on which you are running the.Net code.如果您可以创建一个 IAM 角色并将其附加到您正在运行 .Net 代码的实例,那就更好了。
IAM Role: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html IAM 角色: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
Also, make sure that you can reach the metadata url from within the instance: http://169.254.169.254/latest/meta-data/此外,请确保您可以从实例中访问元数据 url: http://169.254.169.254/latest/meta-data/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.