AWS SDK for .NET cannot access credentials using IIS
I am having problems accessing AWS credentials in the SDK store, but this seems to be an issue only when running in IIS. If I push the same code, calling the NUnit test with ReSharper, working on the dependencies works and the S3 client can authenticate.
IAmazonS3 s3Client = new AmazonS3Client();
Does anyone else have this problem? How could you get dependency injection to work?
[change]
The credentials file approach has been recommended for use with IIS because the SDK store stores data differently for each user. I can only get the credential file if I hard code the path in appSettings, which I don't want to do.
Where will the SDK look for the credential file other than the paths below?
C:\Users\<IIS_app_name>\.aws\credentials
C:\Users\<my_domain_user>\.aws\credentials
source to share
The question was answered on Paul's answer, but I'll post the answer to make the information easier to consume. You can specify the location of the credential file in the webLocal.config file (I couldn't get it to work without this). When the application is deployed, the location of the credential file will be invalid and the SDK will no longer use the IAM role for the EC2 instance.
webLocal.config
<?xml version="1.0"?>
<appSettings>
<!-- AWS -->
<add key="AWSProfilesLocation" value="C:\Users\<IIS_app_name>\.aws\credentials" />
<add key="AWSRegion" value="us-west-2" />
<add key="S3Bucket" value="bucket." />
</appSettings>
Dependency injection will work when instantiating the client with no arguments.
IAmazonS3 s3Client = new AmazonS3Client();
source to share
The SDK store stores the credentials in a folder C:\Users\<username>\AppData\Local\AWSToolkit
, so if IIS is not started in the same account as the NUnit tests, IIS will not be able to access the same credentials.
This blog post discusses various options for storing and using credentials. In your case, it seems like the best option would be to use a credential file.
source to share