User guide
Table Of Contents
- AWS SDK for .NET
- Table of Contents
- AWS SDK for .NET Developer Guide
- Getting Started with the AWS SDK for .NET
- Programming with the AWS SDK for .NET
- AWS SDK for .NET Tutorials and Examples
- Managing ASP.NET Session State with Amazon DynamoDB
- Tutorial: Creating Amazon EC2 Instances with the AWS SDK for .NET
- Tutorial: Grant Access Using an IAM Role and the AWS SDK for .NET
- Tutorial: Amazon EC2 Spot Instances
- Creating and Using an Amazon SQS Queue with the AWS SDK for .NET
- Creating an Amazon Route 53 Hosted Zone and Adding Resource Record Sets
- Additional Resources
- Document History
You can also configure an SDK for .NET application programmatically, by setting property values in the
AWSConfigs class. The following example specifies the AWSRegion (p. 14) and AWSLogging (p. 13)
parameters:
AWSConfigs.AWSRegion = "us-west-2";
AWSConfigs.Logging = LoggingOptions.Log4Net;
Programmatically defined parameters override any values that were specified in an App.config or
Web.config file. Some programmatically defined parameter values take effect immediately; others take
effect only after you create a new client object. For more information, see Configuring AWS Creden-
tials (p. 9).
Topics
• Configuring AWS Credentials (p. 9)
• Configuring Other Application Parameters (p. 13)
Configuring AWS Credentials
This topic describes how to configure your application's AWS credentials. It assumes that you have created
an AWS account and that you have access to your credentials, as described in Create an AWS Account
and Credentials (p. 3). It is important to manage your credentials securely and avoid practices that could
unintentionally expose your credentials publicly. In particular:
• Don't use your account's root credentials to access your AWS resources.
These credentials provide unrestricted account access, and are difficult to revoke.
• Don't put literal access keys in your application, including the project's App.config or Web.config
file.
Doing so creates a risk of accidentally exposing your credentials if, for example, you upload the project
to a public repository.
Some general guidelines for securely managing credentials include:
• Create IAM users and use those credentials to provide account access instead of your account's root
credentials.
IAM credentials are easier to revoke if they are compromised and you can apply a policy to each user
that restricts them to a specified set of resources and actions.
• The preferred approach for managing credentials is to put a profile for each set of IAM user credentials
that you want to use in the SDK Store (preferred) or a credentials file.
You can then reference a particular profile programmatically or in your application's App.config or
Web.config file instead of having literal credentials in your project files.To limit the risk of unintentionally
exposing credentials, the SDK Store and credentials file are stored separately from any project. To
further reduce risk, the credentials in the SDK Store are encrypted.
• Use IAM roles for applications that are running on Amazon EC2 instances.
• Use temporary credentials for applications that are available to users outside your organization.
The following topics describe how to manage credentials for an SDK for .NET application. For a general
discussion of how to securely manage AWS credentials, see Best Practices for Managing AWS Access
Keys.
Version v2.0.0
9
AWS SDK for .NET Developer Guide
Configuring AWS Credentials