Closed ralsu091 closed 7 years ago
Based on the observation, it appears all the mechanism used to obtain AWS access key id and secret access key have failed.
Exception 1 of 3 reads from the user profile store, which is a folder in the user's folder .aws sub folder. It can be created using AWS CLI command by via 'aws configure'.
Exception 2 of 3 shows it fail to read any environment variable. It is possible to set them in code the following way:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", "xxx");
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", "yyy");
Environment.SetEnvironmentVariable("AWS_REGION", "us-east-1");
If user profile store is specified, it will override environment variable.
For a quick and dirty fix, I suggest you put the environment variable in code to make it work. While a long term solution would be to put it in profile which will prevent you from checking in access key id and secret access key to your code repository.
@imkheong Thanks for the suggestion. I opted to keep using profile stores. I needed to modify the Application pool to load the user profile in IIS. This allowed the retrieval of the default profile that was set using AWS CLI.
Thanks for the help!
I know this is closed, but I ran into this and was completely frustrated for a while trying to get everything to work. I found that adding the ProfilesLocation
setting to the appconfig.json
file worked for me.
"AWS": {
"Profile": "default",
"ProfilesLocation": "C:\\code\\myapp\\awscredentials",
"Region": "us-east-1",
Then create the awscredentials file like so:
[default]
aws_access_key_id = <access-key>
aws_secret_access_key = <secret-key>
[development]
aws_access_key_id = <access-key>
aws_secret_access_key = <secret-key>
You may name the file whatever you want. Just make sure you reference it using ProfilesLocation
.
If, instead, you want to use SetEnvironment
like @imkheong pointed out, I suggest putting the keys in theappsettings.json
file and referencing them like this in ConfigureServices
before adding any AWS services:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AccessKey"])
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:SecretKey"])
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"])
services.AddDefaultAWSOptions(Configuration.GetAWSOptions());
services.AddAWSService<IAmazonSimpleEmailService>();
This is what the AWS section of appsettings.json
would look like:
"AWS": {
"AccessKey": "abc",
"SecretKey": "xyz",
"Region": "us-east-1"
},
This issue ought to be reopened. I still am not sure why the appsettings.json configuration is getting completely ignored. If I need to write it somewhere else using aws configure
, why do I even need the appsettings.json keys?
We're using a continuous deployment model, and the settings were in the appsettings.json file, but I was getting the same error.
It is not that the appsettings.json file is ignored. The tricky part is it is referring to a profile that isn't found when run under a system user like IIS is. By default system users don't have a user profile loaded so the SDK can't find the credentials for the profile. That is why @Shawski was having the appsettings.json point to a credentials file outside of the current user's directory.
I took the same keys in my appsettings.json, which threw the above error, and added them with the appropriate casing to my environment variables and everything worked. Either some or all of the appsettings.json keys are getting ignored...
In my experience the whole appsettings.json is ignored. I would assume is a problem between Windows and Linux new line
@normj Should I create a new issue or can we reopen this one?
Sounds like it is worth opening a new issue. Try to add as much information as you can about how your application is running so I can try understand what is different from your environment to how I have tested.
@normj I'm not sure what other information to add. I have the following in my appsettings.json.
"AWS": {
"AccessKey": "abc",
"SecretKey": "xyz",
"Region": "us-east-1"
}
Even so, I'm getting a "unable to find a default profile" error.
Amazon.Runtime.AmazonServiceException: Unable to find credentials Exception 1 of 3: Amazon.Runtime.AmazonClientException: Unable to find a default profile in CredentialProfileStoreChain. Exception 2 of 3: System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Edit: I see the problem. There's no logic for picking up an access key or secret key from the appsettings.json. I guess the logic there is that it's not a good idea to commit your secrets to a config file, and it is a much better idea to use environment variables. However, the enviornment-scoped appsettings.json is how I avoid setting global environment variables on my development machine that don't get pushed to production.
I'm going to submit a PR that reads these keys from appsettings.json. I think it will cure a few headaches for new users.
@Shawski I just want to thank you for taking the time to come back to this topic. I have used your code (enviroment variable) and it works great.
I can't get this working. Neither with ProfilesLocation in the appsettings.json - or putting the keys directly in. Can somebody please paste in their entire appsettings.json to make sure I don't have a formatting issue (VS isn't coming up with one). It works fine in MVC5 - not in my new .net Core app. Thanks.
I am still getting the same error even when using environment variables or using them in a file.
I continue to receive "System.InvalidOperationException: The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials." after setting environment variables following these instructions:
https://docs.aws.amazon.com/cli/latest/userguide/cli-environment.html
Somehow this issue does not seem to be resolved.
ok for new comers here's how you get AWS service to use your appsettings
In Startup.cs
services.AddDefaultAWSOptions(Configuration.GetAWSOptions()); services.AddAWSService<IAmazonSimpleEmailService>();
Surely add AWS configuration to appsettings
"AWS": { "Profile": "profileName", "Region": "us-east-1" }
be sure you use AWS Visual Studio toolkit
Lastly in order to use above configuration in your AWS service you have to add the service with Dependency Injection to your class and use it
for Example to send emails with SimpleEmailService in the EmailSender class:
public class EmailSender : IEmailSender { IAmazonSimpleEmailService _SES; public EmailSender(IAmazonSimpleEmailService SES) { _SES= SES; }
and then call it in your function and dont use AmazonSimpleEmailServiceClient
_SES.SendEmailAsync(sendRequest);
@LandonCampbell @Shawski @davismj I have code in startup like this:
Environment.SetEnvironmentVariable("AWS_ACCESS_KEY_ID", Configuration["AWS:AccessKey"]);
Environment.SetEnvironmentVariable("AWS_SECRET_ACCESS_KEY", Configuration["AWS:SecretKey"]);
Environment.SetEnvironmentVariable("AWS_REGION", Configuration["AWS:Region"]);
var awsOption = Configuration.GetAWSOptions();
awsOption.Credentials = new EnvironmentVariablesAWSCredentials();
services.AddDefaultAWSOptions(awsOption);
but I am still getting error on linux : The environment variables AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN were not set with AWS credentials.
Fixed error with using code:
var awsOption = Configuration.GetAWSOptions();
awsOption.Credentials = new BasicAWSCredentials(Configuration["AWS:AccessKey"], Configuration["AWS:SecretKey"]);
services.AddDefaultAWSOptions(awsOption);
Hello,
Following: https://aws.amazon.com/blogs/developer/configuring-aws-sdk-with-net-core/ I have setup appsettings.json as the following:
My Startup.cs has the following:
When I deploy the website to a Windows Server 2008 R2, the website crashes on startup and the logs show the following:
Am I missing something? Is this the correct way to use AWS profiles with dotnet core apps?
I appreciate your help.
Thanks