User guide
Table Of Contents
- AWS SDK for .NET
- Table of Contents
- AWS SDK for .NET Developer Guide
- Getting Started with the AWS SDK for .NET
- Programming with the AWS SDK for .NET
- AWS SDK for .NET Tutorials and Examples
- Managing ASP.NET Session State with Amazon DynamoDB
- Tutorial: Creating Amazon EC2 Instances with the AWS SDK for .NET
- Tutorial: Grant Access Using an IAM Role and the AWS SDK for .NET
- Tutorial: Amazon EC2 Spot Instances
- Creating and Using an Amazon SQS Queue with the AWS SDK for .NET
- Creating an Amazon Route 53 Hosted Zone and Adding Resource Record Sets
- Additional Resources
- Document History
AWSSecretKey
Secret key to use.This can be set either in the providers section or in the appSettings section.
We recommend not using this setting. Instead, specify credentials by using AWSProfileName to
specify a profile.
AWSProfileName
The profile name that is associated with the credentials that you want to use. For more information,
see Configuring Your AWS SDK for .NET Application (p. 8).
Region
Required string attribute.The AWS region in which to use Amazon DynamoDB. For a list of
available AWS regions, go to the Regions and Endpoints documentation.
Application
Optional string attribute.The value of the Application attribute is used to partition the session
data in the table so that the same table can be used for more than one application.
Table
Optional string attribute.The name of the table used to store session data.The default is
ASP.NET_SessionState.
ReadCapacityUnits
Optional int attribute.The read capacity units to use if the provider creates the table.The default
is 10.
WriteCapacityUnits
Optional int attribute.The write capacity units to use if the provider creates the table. The default
is 5.
CreateIfNotExist
Optional boolean attribute.The CreateIfNotExist attribute controls whether the provider will
auto-create the table if it doesn't exist. The default is true. If this flag is set to false and the table
doesn't exist, an exception will be thrown.
Security Considerations
Once the DynamoDB table is created and the application is configured, sessions can be used as with
any other session provider.
As a security best practice, we recommend that you run your applications with the credentials of an AWS
Identity and Access Management (IAM) user.You can use either the AWS Management Console or the
AWS Toolkit for Visual Studio to create IAM users and define access policies.
The session state provider needs to be able to call the DeleteItem, DescribeTable, GetItem, PutItem
and UpdateItem operations for the table that stores the session data.The sample policy below can be
used to restrict the IAM user to only the operations needed by the provider for an instance of DynamoDB
running in us-east-1:
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "1",
"Effect" : "Allow",
"Action" : [
"dynamodb:DeleteItem",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem"
],
Version v2.0.0
35
AWS SDK for .NET Developer Guide
Security Considerations