« AWS SDK for .NET » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
Aucun résumé des modifications
Aucun résumé des modifications
Ligne 1 : Ligne 1 :
[[Category:AWS]]
[[Category:AWS]]
= [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-config Config] =
<filebox fn='∼/.aws/config' lang='ini'>
[default]
region = eu-central-1
[profile profile1]
sso_session = my-sso
sso_account_id = 111122223333
sso_role_name = SampleRole
sso_region = us-east-1
sso_start_url = https://my-sso-portal.awsapps.com/start
services = local-dynamodb
[services local-dynamodb]
dynamodb =
  endpoint_url = http://localhost:8000
</filebox>
= [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-creds Credentials] =
= [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-creds Credentials] =
<filebox fn='∼/.aws/credentials' lang='ini'>
<filebox fn='∼/.aws/credentials' lang='ini'>
[default]
[default]
aws_access_key_id=...
aws_access_key_id = ...
aws_secret_access_key=...
aws_secret_access_key = ...
aws_session_token=...
aws_session_token = ...


[profile1]
[profile1]

Version du 26 février 2024 à 13:56

Config

∼/.aws/config 
[default]
region = eu-central-1

[profile profile1]
sso_session = my-sso
sso_account_id = 111122223333
sso_role_name = SampleRole
sso_region = us-east-1
sso_start_url = https://my-sso-portal.awsapps.com/start
services = local-dynamodb

[services local-dynamodb]
dynamodb = 
  endpoint_url = http://localhost:8000

Credentials

∼/.aws/credentials 
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
aws_session_token = ...

[profile1]
key=value

Secrets Manager

Cognito

Program.cs 
builder.Services.AddCognitoIdentity();
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
    options.Authority = builder.Configuration["AWSCognito:Authority"];
    options.Audience = builder.Configuration["AWSCognito:UserPoolClientId"];
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        ValidateAudience = true
    };
    options.TokenValidationParameters.AudienceValidator = (audiences, securityToken, validationParameters) =>
    {
        // Cognito tokens doesn't have "aud" claim. Instead the audience is set in "client_id"
        var jsonWebToken = (Microsoft.IdentityModel.JsonWebTokens.JsonWebToken)securityToken;
        if (!jsonWebToken.Claims.Any(f => f.Type == "aud"))
            return false;
        return validationParameters.ValidAudience.Contains(jsonWebToken.Claims.First(f => f.Type == "aud").Value);
    };
});
Récupérée de « http://wiki.bananeatomic.fr/index.php?title=AWS_SDK_for_.NET&oldid=30202 »