
I am trying to connect to AWS DocumentDB from a C# Lambda function.

The problem is that TLS is enabled on DocumentDB and it requires me to add a certificate to a local store.

This would be fine if I were running on an EC2, because it requires READ/WRITE access to the local file system.

Since I am running on a Lambda, I'm not sure how I can achieve this.

Documentation that I've referenced.

I've tried the example code inside a Lambda and I get the following IOException (because it requires read/write access):

The X509 certificate could not be added to the store.: CryptographicException
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)
at System.Security.Cryptography.X509Certificates.X509Store.Add(X509Certificate2 certificate)
at Lambdas.DependencyRegistar.ConfigureMongoDatabase() in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 113
at Lambdas.DependencyRegistar.ConfigureServices(IServiceCollection services) in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 35
at Lambdas.Handlers.BaseLambdaHandler..ctor(IServiceCollection services) in /build_and_deploy/src/Lambdas/Handlers/BaseLambdaHandler.cs:line 36

--> Read-only file system: IOException <--
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.AddCertToStore(ICertificatePal certPal)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)

The same code works fine locally on my Windows machine (because I was able to successfully add the cert to my local store).

    I was able to get around this by ignoring SSL validation: var settings = MongoClientSettings.FromUrl(new MongoUrl(connectionString)); if (EnvironmentVariables.MongoDb.SSLEnabled) { settings.SslSettings = new SslSettings() { CheckCertificateRevocation = false, ServerCertificateValidationCallback = (o, c, ch, er) => true, }; ServicePointManager.ServerCertificateValidationCallback += (o, c, ch, er) => true; } – Sohel Katchi Jul 25 '19 at 22:26
  • Valid question, and I'm surprised that there aren't that many good resources around importing a custom cert to a trust store in Lambda. Let me know if you find the right way to trust the cert, rather than suppressing the endpoint validation. – The-Big-K Sep 17 '19 at 01:58
  • You might want to check that your Lambda is in a VPC with proper security groups that allows communication between the documentDb and Lambda. – Ankur Bhatia Mar 29 '21 at 20:50
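Added example (not code from the question or its comments): instead of writing the CA into the X509Store, or suppressing validation with a callback that returns true, load the AWS CA bundle from a file shipped inside the deployment package and validate the server chain against only those roots. Assumptions: .NET 5 or later (for `CustomRootTrust` and `ImportFromPemFile`), the MongoDB .NET driver, and that the bundle sits at `certs/global-bundle.pem` under the Lambda package directory.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using MongoDB.Driver;

public static class DocumentDbTls
{
    // Assumed path: the AWS CA bundle PEM packaged with the deployment.
    // Package files are readable even though the Lambda file system is read-only.
    private static readonly string CaBundlePath =
        Path.Combine(AppContext.BaseDirectory, "certs", "global-bundle.pem");

    // Roots are loaded once per container; no X509Store write is needed.
    private static readonly X509Certificate2Collection TrustedRoots = LoadRoots();

    private static X509Certificate2Collection LoadRoots()
    {
        var roots = new X509Certificate2Collection();
        roots.ImportFromPemFile(CaBundlePath); // .NET 5+ API
        return roots;
    }

    public static MongoClientSettings Create(string connectionString)
    {
        var settings = MongoClientSettings.FromUrl(new MongoUrl(connectionString));
        settings.UseTls = true;
        settings.SslSettings = new SslSettings
        {
            ServerCertificateValidationCallback = ValidateAgainstBundle
        };
        return settings;
    }

    // Replaces "(o, c, ch, er) => true": chain errors are re-evaluated against the
    // bundled roots only; a hostname mismatch or missing certificate fails closed.
    private static bool ValidateAgainstBundle(object sender, X509Certificate certificate,
        X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None) return true;
        if (certificate == null || errors != SslPolicyErrors.RemoteCertificateChainErrors)
            return false;

        using var custom = new X509Chain();
        custom.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        custom.ChainPolicy.CustomTrustStore.AddRange(TrustedRoots);
        if (chain != null) // keep the intermediates the server sent
            custom.ChainPolicy.ExtraStore.AddRange(chain.ChainPolicy.ExtraStore);
        custom.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // no CRL egress from the VPC
        return custom.Build(new X509Certificate2(certificate));
    }
}
```

Use `new MongoClient(DocumentDbTls.Create(connectionString))`; the callback only relaxes the root-of-trust lookup, so an expired, misnamed or differently-signed server certificate is still rejected.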
