Is there a way to retrieve AWS Credentials information from AWS SDK?

Question

I'm trying to setup healthchecks for some required services to my dotnet core 3.1 API and I'm struggling on Amazon DynamoDB check.

We're using the Xabaril healthcheck packages and the DynamoDb one ask for a DynamoDBOptions that requires the AccessKey, SecretKey and RegionEndpoint.

I know the AWS SDK get this information from the environment Credentials profile configuration:

using Amazon.DynamoDBv2;
//... other usings

public void ConfigureServices(IServiceCollection services)
{
    // ... other stufs
    services.AddAWSService<IAmazonDynamoDB>();
    // ...
}

...But I need get it too in order to set up my dependency healthcheck like this:

    services.AddHealthChecks()
        .AddDynamoDb(dynamoDbOptions => 
            { 
                dynamoDbOptions .AccessKey = "<???>";
                dynamoDbOptions .RegionEndpoint = Amazon.RegionEndpoint.EUWest2; // <???>
                dynamoDbOptions .SecretKey = "<???>";
            }, "DynamoDB");

How can I get this <???> infos from AWS SDK packages?

score 6 · Accepted Answer · answered Nov 16 '21 at 14:32

After spend some more time in the official docs, I found the topic that covers exactly this need: Accessing credentials and profiles in an application.

To actively retrieve profiles and credentials, use classes from the Amazon.Runtime.CredentialManagement namespace.

In fact, we can use the SharedCredentialsFile class to find a profile in a file that uses the AWS credentials file format, the NetSDKCredentialsFile class to find a profile in the SDK Store or even CredentialProfileStoreChain to search in both.

You can see the examples in the link above. I got this in my case:

private static AWSCredentials GetAccountCredentials(string profileName = "default")
{
    var chain = new CredentialProfileStoreChain();
    if (chain.TryGetAWSCredentials(profileName, out AWSCredentials awsCredentials))
        return awsCredentials;

    // ToDo: Error Handler
    return null;
}

score 2 · Answer 2 · answered Nov 13 '21 at 13:47

2

Yes, the AWS SDKs give programmatic access to IAM AccessKey and SecretKey credentials stored in the local shared AWS credentials file.

I am not a c# dev, but perhaps see the .net sdk AWSCredentialsFactory.GetAWSCredentials method or this blogpost.

answered Nov 13 '21 at 13:47

fedonev

20,327
2
25
34

Thanks for check, I've found my way thru the docs. I've shared the code here in a more explicit way =) – Diego Rafael Oliveira Souza Nov 16 '21 at 14:34

Is there a way to retrieve AWS Credentials information from AWS SDK?

2 Answers2