0

I am currently moving an ASP.NET application made by a third party from Windows to Linux. I read the documentation and nothing indicates this should be a problem, but sadly

var profile = new CredentialProfile(profileName, credentials) {
    Region = RegionEndpoint.EUWest1
};

var netSDKFile = new NetSDKCredentialsFile();
netSDKFile.RegisterProfile(profile);

throws the following exception

Unhandled Exception: Amazon.Runtime.AmazonClientException: The encrypted store is not available.  This may be due to use of a non-Windows operating system or Windows Nano Server, or the current user account may not have its profile loaded.
   at Amazon.Util.Internal.SettingsManager.EnsureAvailable()
   at Amazon.Runtime.CredentialManagement.NetSDKCredentialsFile..ctor()

Is the Amazon .NET SDK(or a part of it) not supported on Linux? If that is the case, is there a possible workaround?

pikausp
  • 1,142
  • 11
  • 31

2 Answers2

2

For the most part there is very little that isn't supported on Linux that is supported on Windows. Off of the top of my head I can't think of anything besides NetSDKCredentialsFile which is due to the fact it uses Win32 API to encrypt credentials.

You can use SharedCredentialsFile to register a profile in the credentials file stored under ~/.aws/credentials. This is the same credential stored supported by all of the other AWS SDK and Tools.

Norm Johanson
  • 2,964
  • 14
  • 13
0

Following on from Norm's answer, I found this resource that explained how to use Shared Credentials: https://medium.com/@somchat/programming-using-aws-net-sdk-9ce3f5119633

This is how I was previously using NetSDKCredentials, which won't work for Linux/Mac OS:

//Try this code on a non-Windows platform and you will see the above error
var options = new CredentialProfileOptions
  {
    AccessKey = "access_key",
    SecretKey = "secret_key"
  };
var profile = new CredentialProfile("default", options);
profile.Region = RegionEndpoint.USWest1;
NetSDKCredentialsFile file = new NetSDKCredentialsFile();
file.RegisterProfile(profile);

But I was then able to use this example to use SharedCredentials:

var credProfileStoreChain = new CredentialProfileStoreChain();
if (credProfileStoreChain.TryGetAWSCredentials("default", out AWSCredentials awsCredentials))
{
  Console.WriteLine("Access Key: " + awsCredentials.GetCredentials().AccessKey);
  Console.WriteLine("Secret Key: " + awsCredentials.GetCredentials().SecretKey);
}
Console.WriteLine("Hello World!");

You'll then be able to see your code is able to access the keys:

Access Key: A..................Q
Secret Key: 8.......................................p
Hello World!

I then used System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform() (as I am using this code on both Windows and Linux), to determine which credentials to use:

using System.Runtime.InteropServices;

//NETSDK Credentials only work on Windows - must use SharedCredentials on Linux
bool isLinux = System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(OSPlatform.Linux);

if (isLinux) {

    //Use SharedCredentials
            
} else { 

    //Use NetSDKCredentials

}

You may find this section of the AWS documentation helpful, too: https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html#creds-locate

to6y
  • 96
  • 1
  • 9