Manualshelf

User guide

ManualsBrandsAmazon ManualsComputer equipmentAWS SDK
11121314151617181920
Using a Credentials File
You can also store profiles in a credentials file, which can also be used by the other AWS SDKS, the
AWS CLI, and AWS Tools for Windows PowerShell.To reduce the risk of accidentally exposing credentials,
the credentials file is stored separately from any projects, usually in the user's home folder. However, the
profiles are stored in plaintext, so a credentials file is not as secure as the SDK Store.
You can manage these profiles by using a text editor. The file is named credentials, and the default
location is under your user's home folder. For example, if your user name is awsuser, the credentials file
would be C:\users\awsuser\.aws\credentials.
Each profile has the following format:
[profile_name]
aws_access_key_id = accessKey
aws_secret_access_key = secretKey
A profile can optionally include a session token. For more information, see Best Practices for Managing
AWS Access Keys.
Tip
If you include a profile named default, the SDK for .NET will use that profile by default if it
cannot find the specified profile.
By default, the SDK for .NET searches for profiles only in the user's home directory. If, for example, your
application is running under Local System, the SDK for .NET will not be able to find those profiles. In that
case, the application cannot use profiles from the SDK Store. However, you can store profiles in a
credentials file that is stored in an arbitrary location, such as
C:\aws_service_credentials\credentials.You must then explicitly specify the file path in your
project's App.config or Web.config file. For more information, see Specifying a Profile (p. 12).
Using Credentials in an Application
The SDK for .NET searches for credentials in the following order and uses the first available set for the
current application.
1. Access key and secret key values that are stored in the application's App.config or Web.config
file.
We strongly recommend using profiles rather than putting literal credentials in your project files.
2. A specified profile in the SDK Store.
3. A specified profile in the credentials file.
4. A profile named default in the SDK Store.
5. A profile named default in the credentials file.
6. For applications running on an EC2 instance, credentials stored in an instance profile.
Tip
With the AWS CLI or other AWS SDKs, you can also store a set of credentials in the
AWS_ACCESS_KEY_ID and AWS_SECRET_KEY environment variables. The SDK for .NET does
not include these variables in its credentials search chain. However, you can obtain the keys by
calling Environment.GetEnvironmentVariable and then pass them to the client object
when you create it. Credentials specified in this way take precedence over the credentials in the
search chain.
Version v2.0.0
11
AWS SDK for .NET Developer Guide
Configuring AWS Credentials