
Retrieving AWS secrets using Visual Studio toolkit

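I am using AWS Secrets Manager to store some API keys. After configuring it in the AWS Secrets Manager console, I tried to use their sample code to retrieve the key I stored. This is the code that is supposed to be used: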

        public static void GetSecret()
        {
            string secretName = "XYXYXYX";
            string region = "us-west-2";
            string secret = "";

            MemoryStream memoryStream = new MemoryStream();

            IAmazonSecretsManager client = new AmazonSecretsManagerClient(RegionEndpoint.GetBySystemName(region));
            //IAmazonSecretsManager client = new AmazonSecretsManagerClient((new StoredProfileAWSCredentials()));
            GetSecretValueRequest request = new GetSecretValueRequest();
            request.SecretId = secretName;
            request.VersionStage = "AWSCURRENT"; // VersionStage defaults to AWSCURRENT if unspecified.

            GetSecretValueResponse response = null;

            // In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
            // See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
            // We rethrow the exception by default.

            try
            {
                response = client.GetSecretValueAsync(request).Result;
            }
            catch (DecryptionFailureException e)
            {
                // Secrets Manager can't decrypt the protected secret text using the provided KMS key.
                // Deal with the exception here, and/or rethrow at your discretion.
                throw;
            }
            catch (InternalServiceErrorException e)
            {
                // An error occurred on the server side.
                // Deal with the exception here, and/or rethrow at your discretion.
                throw;
            }
            catch (InvalidParameterException e)
            {
                // You provided an invalid value for a parameter.
                // Deal with the exception here, and/or rethrow at your discretion
                throw;
            }
            catch (InvalidRequestException e)
            {
                // You provided a parameter value that is not valid for the current state of the resource.
                // Deal with the exception here, and/or rethrow at your discretion.
                throw;
            }
            catch (ResourceNotFoundException e)
            {
                // We can't find the resource that you asked for.
                // Deal with the exception here, and/or rethrow at your discretion.
                throw;
            }
            catch (System.AggregateException ae)
            {
                // More than one of the above exceptions were triggered.
                // Deal with the exception here, and/or rethrow at your discretion.
                throw;
            }

            // Decrypts secret using the associated KMS CMK.
            // Depending on whether the secret is a string or binary, one of these fields will be populated.
            if (response.SecretString != null)
            {
                secret = response.SecretString;
            }
            else
            {
                memoryStream = response.SecretBinary;
                StreamReader reader = new StreamReader(memoryStream);
                string decodedBinarySecret = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(reader.ReadToEnd()));
            }

            // Your code goes here.
        }

When I try to run it, I get the following error:

System.AggregateException: 'https://secretsmanager.us-west-2.amazonaws.comgisteredAccounts.jsonET_Core/3.1.4 OS/Microsoft_Windows_6.)'


Inner Exception
AmazonServiceException: Unable to get IAM security credentials from EC2 Instance Metadata Service.

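I am using the AWS Toolkit for VS2019, and I did verify that the credentials are good (I am able to access S3 bucket objects directly from the toolkit).

Is there something else that needs to be done to retrieve the secret?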

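The problem was that the default profile was not available in the env variables. I used AWS configure to set up the credentials for the default profile and modified the creation of the client as follows: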

var config = new AmazonSecretsManagerConfig { RegionEndpoint = RegionEndpoint.USWest2 };
IAmazonSecretsManager client = new AmazonSecretsManagerClient(config);

Once that was done, I was able to retrieve my secrets.
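
The failure above, shown from the defensive side as an added example (not code from the question, the answer or AWS): when no profile is resolved, the SDK's last fallback is the EC2 Instance Metadata Service, which is what produced the error on a workstation. The `SecretReader` class and `GetSecretAsync` helper are hypothetical names; the profile name `default`, the secret name and the region are taken from the post.

```csharp
using System;
using System.Text;
using System.Threading.Tasks;
using Amazon;
using Amazon.Runtime;
using Amazon.Runtime.CredentialManagement;
using Amazon.SecretsManager;
using Amazon.SecretsManager.Model;

public static class SecretReader
{
    // Hypothetical helper: resolves a named profile explicitly and fails fast
    // instead of silently falling through to the EC2 instance metadata lookup.
    public static async Task<string> GetSecretAsync(string secretName, string profileName, RegionEndpoint region)
    {
        // Searches the .NET SDK credential store and the shared credentials file.
        var chain = new CredentialProfileStoreChain();
        if (!chain.TryGetAWSCredentials(profileName, out AWSCredentials credentials))
        {
            throw new InvalidOperationException(
                $"AWS profile '{profileName}' was not found; create it before calling Secrets Manager.");
        }

        using (var client = new AmazonSecretsManagerClient(credentials, region))
        {
            // Awaiting (rather than .Result) surfaces the service exception itself
            // instead of an AggregateException wrapping it.
            GetSecretValueResponse response = await client.GetSecretValueAsync(
                new GetSecretValueRequest { SecretId = secretName });

            if (response.SecretString != null)
                return response.SecretString;

            // SecretBinary holds the secret's bytes; treating them as UTF-8 text
            // is an assumption about this particular secret.
            return Encoding.UTF8.GetString(response.SecretBinary.ToArray());
        }
    }

    public static async Task Main()
    {
        string secret = await GetSecretAsync("XYXYXYX", "default", RegionEndpoint.USWest2);
        // Do not log the secret value; its length is enough as a sanity check.
        Console.WriteLine($"Retrieved secret of length {secret.Length}");
    }
}
```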
