User guide
Security Considerations
Once the DynamoDB table is created and the application is configured, sessions can be used as with
any other session provider.
As a security best practice, we recommend that you run your applications with the credentials of an AWS
Identity and Access Management (IAM) user.You can use either the AWS Management Console or the
AWS Toolkit for Visual Studio to create IAM users and define access policies.
The session state provider needs to be able to call the DeleteItem, DescribeTable, GetItem, PutItem
and UpdateItem operations for the table that stores the session data.The sample policy below can be
used to restrict the IAM user to only the operations needed by the provider for an instance of DynamoDB
running in us-east-1:
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "1",
"Effect" : "Allow",
"Action" : [
"dynamodb:DeleteItem",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem"
],
"Resource" : "arn:aws:dynamodb:us-east-1:<YOUR-AWS-ACCOUNT-
ID>:table/ASP.NET_SessionState"
}
]
}
Amazon Elastic Compute Cloud Programming
with the AWS SDK for .NET
The AWS SDK for .NET supports Amazon Elastic Compute Cloud (Amazon EC2), which is a web service
that provides resizable computing capacity—literally, servers in Amazon's data centers—that you use to
build and host your software systems.
Topics
• Tutorial: Creating Amazon EC2 Instances (p. 68)
• Tutorial: Amazon EC2 Spot Instances (p. 80)
Tutorial: Creating Amazon EC2 Instances with the
AWS SDK for .NET
You can access the features of Amazon EC2 using the AWS SDK for .NET. For example, you can create,
start, and terminate EC2 instances.
Version v2.0.0
68
AWS SDK for .NET Developer Guide
Amazon Elastic Compute Cloud (Amazon EC2)