如何在 .NET AWS SDK 中担任角色
How to assume a role in .NET AWS SDK
我正在尝试构建一个允许用户将数据发送到 dynamodb 的 .net 核心 mvc 应用程序,但我似乎无法承担描述我的 table 权限的角色。我每次尝试都会收到以下错误:
Unable to get IAM security credentials from EC2 Instance Metadata Service
首先我有我的控制器(索引是提交用户表单的地方):
public class RfiController : Controller
{
private readonly IDynamoDBClient capture;
public RfiController(IDynamoDBClient dynamodb)
{
capture = dynamodb;
}
. . .
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Index(ViewModel Model)
{
. . .
///ASSUME THE role
ConfigProvider config = new ConfigProvider();
config.AWSRoleName = "rolename";
config.AWSRegion = "region";
config.Environment = "dev";
capture.DynamoDBClientService(config);
return View(Model);
}
}
}
这会调用我创建的一个库来处理我的 dynamodb 连接和其他东西。这是 class:
public class DynamoDBClient: IDynamoDBClient
{
private readonly IAmazonDynamoDB _client;
public DynamoDBClient(IAmazonDynamoDB dynamoDBClient)
{
_client = dynamoDBClient;
}
public void DynamoDBClientService(ConfigProvider config)
{
try
{
DescribeTableRequest request = new DescribeTableRequest
{
TableName = "tablename"
};
var result = _client.DescribeTableAsync(request);
var status = result.Result.Table.TableStatus;
}
catch (Exception ex) //I catch and error `Unable to get IAM security credentials from EC2 Instance Metadata Service` here
{
throw ex;
}
}
static AssumeRoleResponse GetAssumeRoleResponseAsync(AmazonSecurityTokenServiceClient client, AssumeRoleRequest request)
{
AssumeRoleResponse response;
try
{
response = client.AssumeRoleAsync(request).Result;
}
catch (Exception ex)
{
throw ex;
}
return response;
}
}
我当然是在凭据文件中使用我的 aws 帐户。当我尝试 运行 应用程序时,我在我指定的地方发现了一个错误。我怎么做错了?我是 aws sdk 的新手,所以如果答案很明显,请原谅我。
如果您可以创建一个 IAM 角色并将其附加到您所在的实例,那就更好了。运行 .Net 代码。
IAM 角色:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
此外,请确保您可以从实例中访问元数据 url:
http://169.254.169.254/latest/meta-data/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
我正在尝试构建一个允许用户将数据发送到 dynamodb 的 .net 核心 mvc 应用程序,但我似乎无法承担描述我的 table 权限的角色。我每次尝试都会收到以下错误:
Unable to get IAM security credentials from EC2 Instance Metadata Service
首先我有我的控制器(索引是提交用户表单的地方):
public class RfiController : Controller
{
private readonly IDynamoDBClient capture;
public RfiController(IDynamoDBClient dynamodb)
{
capture = dynamodb;
}
. . .
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult Index(ViewModel Model)
{
. . .
///ASSUME THE role
ConfigProvider config = new ConfigProvider();
config.AWSRoleName = "rolename";
config.AWSRegion = "region";
config.Environment = "dev";
capture.DynamoDBClientService(config);
return View(Model);
}
}
}
这会调用我创建的一个库来处理我的 dynamodb 连接和其他东西。这是 class:
public class DynamoDBClient: IDynamoDBClient
{
private readonly IAmazonDynamoDB _client;
public DynamoDBClient(IAmazonDynamoDB dynamoDBClient)
{
_client = dynamoDBClient;
}
public void DynamoDBClientService(ConfigProvider config)
{
try
{
DescribeTableRequest request = new DescribeTableRequest
{
TableName = "tablename"
};
var result = _client.DescribeTableAsync(request);
var status = result.Result.Table.TableStatus;
}
catch (Exception ex) //I catch and error `Unable to get IAM security credentials from EC2 Instance Metadata Service` here
{
throw ex;
}
}
static AssumeRoleResponse GetAssumeRoleResponseAsync(AmazonSecurityTokenServiceClient client, AssumeRoleRequest request)
{
AssumeRoleResponse response;
try
{
response = client.AssumeRoleAsync(request).Result;
}
catch (Exception ex)
{
throw ex;
}
return response;
}
}
我当然是在凭据文件中使用我的 aws 帐户。当我尝试 运行 应用程序时,我在我指定的地方发现了一个错误。我怎么做错了?我是 aws sdk 的新手,所以如果答案很明显,请原谅我。
如果您可以创建一个 IAM 角色并将其附加到您所在的实例,那就更好了。运行 .Net 代码。
IAM 角色:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
此外,请确保您可以从实例中访问元数据 url: http://169.254.169.254/latest/meta-data/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html