
我已经尝试了多个在线教程,但没有一个让我能够在我的 .NET 构建中实际使用秘密。

我目前正在尝试仅使用亚马逊生成的代码,但我仍然不清楚如何获取这些秘密。我对 .NET 的经验接近 0,但对于我的项目的一小部分来说这是必要的,这是唯一缺少的部分。

任何帮助将不胜感激。

csproj 文件

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <!-- NOTE(review): .NET Core 2.1 is past its end-of-support date and no longer
         receives security fixes; confirm the target framework before deploying. -->
    <TargetFramework>netcoreapp2.1</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
    <Folder Include="wwwroot\" />
  </ItemGroup>

  <ItemGroup>
    <!-- S3 client package; the controller imports the Amazon namespace for RegionEndpoint. -->
    <PackageReference Include="AWSSDK.S3" Version="3.3.104.13" />
    <PackageReference Include="Microsoft.AspNetCore.App" />
    <PackageReference Include="Microsoft.AspNetCore.Razor.Design" Version="2.1.2" PrivateAssets="All" />
    <PackageReference Include="Syncfusion.EJ2.AspNet.Core" Version="17.4.0.40" />
    <!-- Secrets Manager client package; the controller's GetSecret() uses it to read the secret at runtime. -->
    <PackageReference Include="AWSSDK.SecretsManager" Version="3.3.0" />
  </ItemGroup>

</Project>

控制器/AmazonS3ProviderController.cs 文件

using Syncfusion.EJ2.FileManager.AmazonS3FileProvider;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Features;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using Syncfusion.EJ2.FileManager.Base;
using Amazon;

using System.IO;
using Amazon.SecretsManager;
using Amazon.SecretsManager.Model;

namespace EJ2AmazonS3ASPCoreFileProvider.Controllers
{

    

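    /// <summary>
    /// File-manager controller that serves content through the Syncfusion
    /// <c>AmazonS3FileProvider</c> and contains a helper for reading a secret
    /// from AWS Secrets Manager.
    /// </summary>
    [Route("api/[controller]")]
    // NOTE(review): the "AllowAllOrigins" policy is defined outside this file. If it
    // allows any origin, as the name suggests, any web page can call these endpoints
    // from a browser; confirm that is intended for a controller that reads from a bucket.
    [EnableCors("AllowAllOrigins")]
    public class AmazonS3ProviderController : Controller
    {
        /// <summary>
        /// Fetches the secret named "TEST" from Secrets Manager in us-east-2.
        /// The signature is kept as in the original sample, so the value is
        /// discarded; code inside this class that needs the value should call
        /// <see cref="ReadSecretValue"/> instead.
        /// </summary>
        public static void GetSecret()
        {
            ReadSecretValue("TEST", "us-east-2");
        }

        /// <summary>
        /// Reads the current version of a secret and returns it as text.
        /// </summary>
        /// <param name="secretName">Name or ARN of the secret, passed as <c>SecretId</c>.</param>
        /// <param name="region">System name of the AWS region that holds the secret.</param>
        /// <returns>
        /// <c>SecretString</c> when it is populated; otherwise the content of
        /// <c>SecretBinary</c>, base64-decoded and read as UTF-8.
        /// </returns>
        /// <remarks>
        /// No credentials are passed to the client, so the SDK resolves them from its
        /// default sources (for example an instance or task role, environment variables,
        /// or a shared credentials profile). That identity needs permission to read the secret.
        /// Failures are not handled here. Because the call blocks on <c>.Result</c>,
        /// exceptions raised by the request surface as <see cref="AggregateException"/>
        /// with the service exception (DecryptionFailureException, InternalServiceErrorException,
        /// InvalidParameterException, InvalidRequestException, ResourceNotFoundException)
        /// as the inner exception.
        /// Do not write the returned value to logs, error pages or responses.
        /// </remarks>
        private static string ReadSecretValue(string secretName, string region)
        {
            // The client is disposable; the original sample never released it.
            using (IAmazonSecretsManager client = new AmazonSecretsManagerClient(RegionEndpoint.GetBySystemName(region)))
            {
                GetSecretValueRequest request = new GetSecretValueRequest
                {
                    SecretId = secretName,
                    VersionStage = "AWSCURRENT", // VersionStage defaults to AWSCURRENT if unspecified.
                };

                // Blocking on .Result keeps this method synchronous, as in the original.
                // In an async action, prefer awaiting GetSecretValueAsync instead.
                GetSecretValueResponse response = client.GetSecretValueAsync(request).Result;

                // Depending on whether the secret is a string or binary, one of these fields is populated.
                if (response.SecretString != null)
                {
                    return response.SecretString;
                }

                // NOTE(review): this treats the stream as base64 text, exactly as the
                // original sample did; confirm against the SDK version in use.
                using (StreamReader reader = new StreamReader(response.SecretBinary))
                {
                    return System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(reader.ReadToEnd()));
                }
            }
        }

        // Provider that performs the S3 operations for this controller.
        public AmazonS3FileProvider operation;

        // Content root of the hosting environment, set in the constructor.
        public string basePath;

        // Declared but not assigned anywhere in this class.
        protected RegionEndpoint bucketRegion;

        /// <summary>
        /// Creates the provider and registers the bucket it works against.
        /// </summary>
        /// <param name="hostingEnvironment">Hosting environment supplying the content root path.</param>
        public AmazonS3ProviderController(IHostingEnvironment hostingEnvironment)
        {
            this.basePath = hostingEnvironment.ContentRootPath;
            this.operation = new AmazonS3FileProvider();

            // NOTE(review): the second and third arguments are the literal strings
            // "AWS_ACCESS_KEY_ID" and "AWS_SECRET_ACCESS_KEY", not values looked up
            // under those names, so they are passed to the provider exactly as written.
            // Supply the real values at runtime (for example from the secret read by
            // ReadSecretValue, or from configuration outside the repository) and never
            // commit real keys to source. The layout of the stored secret is not shown
            // on this page, so that wiring is left to the author.
            this.operation.RegisterAmazonS3("bucket-1", "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "us-east-1");
        }

        /// <summary>
        /// Gets the image(s) from the given path.
        /// </summary>
        /// <param name="args">Request data; <c>Path</c>, <c>Id</c> and <c>Data</c> are forwarded to the provider.</param>
        /// <returns>The result produced by the provider's <c>GetImage</c>.</returns>
        // NOTE(review): Path and Id arrive with the request. Whether GetImage limits
        // them to the registered bucket is not visible here; verify before exposing
        // this route to untrusted callers.
        [Route("AmazonS3GetImage")]
        public IActionResult AmazonS3GetImage(FileManagerDirectoryContent args)
        {
            return operation.GetImage(args.Path, args.Id, false, null, args.Data);
        }

    }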
  
}

在控制器的构造函数中(RegisterAmazonS3 调用处),可以看到我需要填入访问密钥和秘密访问密钥的位置。


1 回答 1


您可以将“AWS_ACCESS_KEY_ID”和“AWS_SECRET_ACCESS_KEY”的值直接传递到需要它们的位置。关于如何获取访问密钥,请参阅此 AWS 文档。此外,也可以使用配置文件,在其中添加应用程序的密钥。请参考以下用户指南(UG)了解详情。

https://docs.aws.amazon.com/toolkit-for-visual-studio/latest/user-guide/credentials.html https://docs.aws.amazon.com/sdk-for-net/latest/developer-guide/creds-assign.html

有关这方面的更多详细信息,请参阅 AWS UG。

于 2021-03-18T13:49:47.940 回答