« AWS SDK for .NET » : différence entre les versions
De Banane Atomic
Aller à la navigationAller à la recherche
(→Config) |
(→Config) |
||
Ligne 24 : | Ligne 24 : | ||
</kode> | </kode> | ||
Define the {{boxx|AWS_PROFILE}} in the | Define the {{boxx|AWS_PROFILE}} in an env var while starting the project. | ||
<filebox fn='Properties\launchSettings.json' collapsed> | <filebox fn='Properties\launchSettings.json' collapsed> | ||
{ | { |
Version du 26 février 2024 à 16:31
Config
This file contains the profiles.
∼/.aws/config |
[default] region = eu-central-1 [profile Profile1] sso_start_url = https://my-sso-portal.awsapps.com/start sso_region = us-west-1 sso_account_id = 111122223333 sso_role_name = SampleRole region = eu-central-1 output = yaml-stream services = local-dynamodb [services local-dynamodb] dynamodb = endpoint_url = http://localhost:8000 |
aws sso login --profile Profile1 |
Define the AWS_PROFILE in an env var while starting the project.
Properties\launchSettings.json |
{ "profiles": { "MyProfile1": { "commandName": "Project", "launchBrowser": true, "launchUrl": "swagger", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development", "AWS_PROFILE": "Profile1" }, "applicationUrl": "https://localhost:5001;http://localhost:5000" } } |
Credentials
This file contains credentials linked to profiles.
∼/.aws/credentials |
[default] aws_access_key_id = ... aws_secret_access_key = ... aws_session_token = ... [Profile1] key = value |
Secrets Manager
Cognito
Program.cs |
builder.Services.AddCognitoIdentity(); builder.Services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { options.Authority = builder.Configuration["AWSCognito:Authority"]; options.Audience = builder.Configuration["AWSCognito:UserPoolClientId"]; options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, ValidateAudience = true }; options.TokenValidationParameters.AudienceValidator = (audiences, securityToken, validationParameters) => { // Cognito tokens doesn't have "aud" claim. Instead the audience is set in "client_id" var jsonWebToken = (Microsoft.IdentityModel.JsonWebTokens.JsonWebToken)securityToken; if (!jsonWebToken.Claims.Any(f => f.Type == "aud")) return false; return validationParameters.ValidAudience.Contains(jsonWebToken.Claims.First(f => f.Type == "aud").Value); }; }); |