Class ProfileManager

Namespace

Amazon.Util

Assembly

AWSSDK.Core.dll

This class allows profiles supporting AWS credentials and SAML-based authentication to be registered with the SDK so that they can later be reference by a profile name. The credential profiles will be available for use in the AWS Toolkit for Visual Studio and the AWS Tools for Windows PowerShell.

The credentials are stored under the current users AppData folder encrypted using Windows Data Protection API.

To reference a profile from an application's App.config or Web.config use the AWSProfileName setting.

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <appSettings>
        <add key="AWSProfileName" value="development"/>
    </appSettings>
</configuration>

[Obsolete("This class is obsolete and will be removed in a future release. Please use Amazon.Runtime.CredentialManagement.NetSDKCredentialsFile, SharedCredentialsFile, or SAMLEndpointManager.  Visit http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html for further details.")]
public static class ProfileManager

Inheritance

object

ProfileManager

Inherited Members

object.GetType()

object.MemberwiseClone()

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

Fields

AWSCredentialsProfileType

public const string AWSCredentialsProfileType = "AWS"

Field Value

string

SAMLRoleProfileType

public const string SAMLRoleProfileType = "SAML"

Field Value

string

Properties

IsAvailable

public static bool IsAvailable { get; }

Property Value

bool

Methods

CopyProfileSettings(ObjectSettings, string)

Copies the contents of the source profile to the destination. If the destination profile does not exist a new profile is created. Note that if the destination profile exists, all keys it contains are removed and replaced with keys from the source profile.

public static string CopyProfileSettings(SettingsCollection.ObjectSettings source, string destinationProfileName)

Parameters

source SettingsCollection.ObjectSettings

The source profile to copy keys and values from.

destinationProfileName string

The name of the profile to create or update.

Returns

string

The unique id assigned to the destination settings.

CopyProfileSettings(string, string)

Copies the contents of the source profile to the destination. If the destination profile does not exist a new profile is created. Note that if the destination profile exists, all keys it contains are removed and replaced with keys from the source profile.

public static string CopyProfileSettings(string sourceProfileName, string destinationProfileName)

Parameters

sourceProfileName string

The name of the profile to copy from.

destinationProfileName string

The name of the profile to create or update.

Returns

string

The unique id assigned to the destination settings.

GetAWSCredentials(string)

Gets the AWS credentials from a profile in the SDK account store.

public static AWSCredentials GetAWSCredentials(string profileName)

Parameters

profileName string

The profile to get the credentials for.

Returns

AWSCredentials

The AWS credentials for the profile.

Exceptions

AmazonClientException

Thrown if the profile does not exist

GetProfile(string)

Returns the profile with the specified name, if it has been registered in the SDK store.

public static ProfileSettingsBase GetProfile(string profileName)

Parameters

profileName string

The name of the registered profile

Returns

ProfileSettingsBase

The loaded profile data

GetProfile<T>(string)

Returns the persisted data in the SDK store as a profile of the specified type T.

public static T GetProfile<T>(string profileName) where T : ProfileSettingsBase

Parameters

profileName string

The name of the profile holding the settings.

Returns

T

The loaded profile. An exception is thrown if the profile could not be loaded.

Type Parameters

T

Remarks

Currently supported profile types: AWSCredentialsProfile and SAMLRoleProfile.

Exceptions

AmazonClientException

Thrown if the profile does not exist

GetSAMLEndpoint(string)

Loads the settings defining a SAML endpoint.

public static SAMLEndpointSettings GetSAMLEndpoint(string endpointName)

Parameters

endpointName string

The name assigned to the settings for the endpoint.

Returns

SAMLEndpointSettings

The loaded settings. An exception is thrown if they could not be loaded.

Exceptions

AmazonClientException

Thrown if the endpoint settings do not exist.

IsProfileKnown(string)

Checks if a given profile is known in the SDK credential store.

public static bool IsProfileKnown(string profileName)

Parameters

profileName string

The name of the profile to test for existence

Returns

bool

True if the profile exists.

ListProfileNames()

Lists all profile names registered with the SDK account store.

public static IEnumerable<string> ListProfileNames()

Returns

IEnumerable<string>

The profile names.

ListProfiles()

Loads and returns all available credential profiles registered in the store.

public static IEnumerable<ProfileSettingsBase> ListProfiles()

Returns

IEnumerable<ProfileSettingsBase>

Collection of profiles.

RegisterProfile(string, string, string)

Registers an AWS credentials profile that can later be referenced by the profileName. This profile will only be visible for the current user.

public static void RegisterProfile(string profileName, string accessKeyId, string secretKey)

Parameters

profileName string

Name given to the AWS credentials.

accessKeyId string

The AWS access key id

secretKey string

The AWS secret key

RegisterSAMLEndpoint(string, Uri, string)

Registers an endpoint to be used in conjunction with SAML role profiles. The role profiles reference the endpoint settings to obtain the actual endpoint and any customization settings needed to perform authentication.

public static string RegisterSAMLEndpoint(string endpointName, Uri endpoint, string authenticationType)

Parameters

endpointName string

Name to be assigned to the endpoint settings.

endpoint Uri

The full uri of the authentication endpoint.

authenticationType string

The authentication type to use when performing calls against the endpoint. Valid values are 'NTLM', 'Digest', 'Kerberos' and 'Negotiate'. The default if not configured (null/empty string) is 'Kerberos'.

Returns

string

The unique id assigned to the new settings.

RegisterSAMLRoleProfile(string, string, string, string)

Registers a role-based profile to be used with SAML authentication. The profile contains details of the role to be assumed when AWS credentials are requested based on the role and a reference to a SAML endpoint profile containing details of the endpoint to be called to authenticate the user.

If user identity information is not supplied then the identity of the logged-in user will be used when authenticaton is performed against the endpoint referenced in the SAML endpoint profile. If identity is provided, no password information is stored in the role profile and the user must supply the password for the identity prior to authentication with the endpoint.

public static void RegisterSAMLRoleProfile(string profileName, string endpointName, string roleArn, string userIdentity)

Parameters

profileName string

Name to be assigned to the profile

endpointName string

The name assigned to the endpoint settings, previously saved with RegisterSAMLEndpoint.

roleArn string

The arn of the role that the user wants to assume when using this profile. This must be one of the set returned by the saml endpoint when the user authenticates.

userIdentity string

Optional. By default the identity of the logged-in user will be used when authentication is performed - the user will not be prompted to supply a password. By supplying a custom identity for this parameter, the user will be prompted to supply the password for the identity prior to authentication.

RegisterSAMLRoleProfile(string, string, string, string, string)

Registers a role-based profile to be used with SAML authentication. The profile contains details of the role to be assumed when AWS credentials are requested based on the role and a reference to a SAML endpoint profile containing details of the endpoint to be called to authenticate the user.

If user identity information is not supplied then the identity of the logged-in user will be used when authenticaton is performed against the endpoint referenced in the SAML endpoint profile. If identity is provided, no password information is stored in the role profile and the user must supply the password for the identity prior to authentication with the endpoint.

public static void RegisterSAMLRoleProfile(string profileName, string endpointName, string roleArn, string userIdentity, string stsRegion)

Parameters

profileName string

Name to be assigned to the profile

endpointName string

The name assigned to the endpoint settings, previously saved with RegisterSAMLEndpoint.

roleArn string

The arn of the role that the user wants to assume when using this profile. This must be one of the set returned by the saml endpoint when the user authenticates.

userIdentity string

Optional. By default the identity of the logged-in user will be used when authentication is performed - the user will not be prompted to supply a password. By supplying a custom identity for this parameter, the user will be prompted to supply the password for the identity prior to authentication.

stsRegion string

Set for profiles intended to be used in regions where a region-specific STS endpoint must be used (eg cn-north-1). If left empty/null, the global sts.amazonaws.com endpoint will be used when credentials are obtained for this profile.

TryGetAWSCredentials(string, out AWSCredentials)

Tries to get the AWS credentials from a profile in the SDK account store.

public static bool TryGetAWSCredentials(string profileName, out AWSCredentials credentials)

Parameters

profileName string

The profile to get the credentials for.

credentials AWSCredentials

Outputs the credentials for the profile.

Returns

bool

Returns true if the profile exists otherwise false is returned.

TryGetProfile<T>(string, out T)

Tries to load the specified profile data corresponding to profile type T from a named profile in the SDK account store.

public static bool TryGetProfile<T>(string profileName, out T profile) where T : ProfileSettingsBase

Parameters

profileName string

The name of the profile holding the settings.

profile T

The loaded profile data.

Returns

bool

Returns true if the profile exists otherwise false is returned.

Type Parameters

T

Remarks

Currently supported profile types: AWSCredentialsProfile and SAMLRoleProfile.

TryGetSAMLEndpoint(string, out SAMLEndpointSettings)

Attempts to load the settings defining a SAML endpoint.

public static bool TryGetSAMLEndpoint(string endpointName, out SAMLEndpointSettings endpointSettings)

Parameters

endpointName string

The name assigned to the settings for the endpoint.

endpointSettings SAMLEndpointSettings

The instantiated endpoint.

Returns

bool

True if the settings were successfully loaded.

UnregisterProfile(string)

Deletes the settings for an AWS credentials or SAML role profile from the SDK account store.

public static void UnregisterProfile(string profileName)

Parameters

profileName string

The name of the profile to remove.