user68288

Reputation: 784

How do I access an AWS secret once configured in .NET?

I have been trying to find a way to use ASP.NET Core 2.1 and retrieve secrets from Secrets Manager in AWS.

I found a great blog post and it appears to compile/run without errors, but I cannot for the life of me figure out how to access the secrets.

Any help would be appreciated!

https://andrewlock.net/secure-secrets-storage-for-asp-net-core-with-aws-secrets-manager-part-1/

My code:

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;

// Needed for RegionEndpoint
using Amazon;

namespace EJ2FileManagerService
{
    public class Program
    {
        public static void Main(string[] args)
        {
            CreateWebHostBuilder(args).Run();
        }

        public static IWebHost CreateWebHostBuilder(string[] args) =>
            WebHost.CreateDefaultBuilder(args)
                .ConfigureAppConfiguration((hostingContext, config) =>
                {
                    // Register AWS Secrets Manager as a configuration source
                    config.AddSecretsManager(region: RegionEndpoint.USEast2, configurator: ops =>
                    {
                        // Map "__" in a secret name to the ":" configuration separator
                        ops.KeyGenerator = (secret, name) => name.Replace("__", ":");
                    });
                    Console.WriteLine("Hello World!");
                })
                .UseStartup<Startup>()
                .Build();
    }
}

Long story short -- I need a secret from AWS in my .NET code. So if I wanted to console write a secret into a Console.WriteLine statement, how would I do it?

Upvotes: 2

Views: 1997

Answers (1)

paulsm4

Reputation: 121869

OK - so your question is how to READ a secret. Let's try different tutorials:

Example 1: use SecretsManager (much like your original tutorial is doing):

https://nimblegecko.com/how-to-use-aws-secret-manager-secrets-in-dotnet-core-application/

var client = new AmazonSecretsManagerClient(accessKeyId, secretAccessKey, RegionEndpoint.APSoutheast2);
var request = new GetSecretValueRequest
{
    // this gets your secret name, 'web-api/passwords/database' in our case
    SecretId = secretName
};

GetSecretValueResponse response = null;
try
{
    response = client.GetSecretValueAsync(request).Result;
}
...

Example 2: use SecretClient:

https://nimblegecko.com/how-to-securely-store-and-retrieve-passwords-in-dot-net-core-apps-with-azure-key-vault/

var keyVaultUrl = "https://<your-key-vault-name>.vault.azure.net/";
var credential = new DefaultAzureCredential();
var client = new SecretClient(vaultUri: new Uri(keyVaultUrl), credential);
KeyVaultSecret secret = client.GetSecret("<your-secret-name>");
Console.WriteLine($"{secret.Name}: {secret.Value}");

The official documentation is here:

AWS SDK for .NET Documentation

If it's still confusing, take a look at the AWS SDK Developer Guide and/or some of the blogs the AWS Documentation page links to.

Upvotes: 0
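
Added example (not from the question, the answer or the linked posts): how a secret registered by the configuration provider in the question is read back through IConfiguration once its name has gone through the KeyGenerator mapping. An in-memory collection stands in for AWS so it runs offline; SecretConfigDemo, the secret names and the values are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Extensions.Configuration;

public static class SecretConfigDemo
{
    // Same mapping as the KeyGenerator lambda in the question: "__" in a
    // secret name becomes the ":" section separator used by IConfiguration.
    public static string ToConfigKey(string secretName) => secretName.Replace("__", ":");

    // Stand-in for the secrets provider: constructed names and values loaded
    // under the mapped keys. In the real app AddSecretsManager(...) fills the
    // same IConfiguration instead of AddInMemoryCollection.
    public static IConfiguration Build(IDictionary<string, string> secrets) =>
        new ConfigurationBuilder()
            .AddInMemoryCollection(secrets.ToDictionary(kv => ToConfigKey(kv.Key), kv => kv.Value))
            .Build();

    // Report presence and length only, so the value itself never reaches logs.
    public static string Describe(IConfiguration config, string key)
    {
        var value = config[key];
        return value == null ? $"{key}: <missing>" : $"{key}: set ({value.Length} chars)";
    }

    public static void Main()
    {
        var config = Build(new Dictionary<string, string>
        {
            ["Database__Password"] = "constructed-sample-value",
            ["Smtp__ApiKey"] = "constructed-sample-key",
        });

        // Flat lookup with the ":"-separated key.
        string password = config["Database:Password"];

        // Section lookup: the same value, addressed relative to "Database".
        string viaSection = config.GetSection("Database")["Password"];

        Console.WriteLine(Describe(config, "Database:Password"));
        Console.WriteLine(Describe(config, "Smtp:ApiKey"));
        // The unmapped secret name is not a configuration key.
        Console.WriteLine(Describe(config, "Database__Password"));
        Console.WriteLine(password == viaSection);
    }
}
```

In the question's app the same lookups work on the IConfiguration injected into the Startup constructor, or on host.Services.GetRequiredService<IConfiguration>() (from Microsoft.Extensions.DependencyInjection) after Build() returns.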
