1

I have a server that utilizes AWS SES to send notification emails, but I keep recieving the following message:

An unhandled exception of type 'Amazon.Runtime.AmazonServiceException' occurred in AWSSDK.dll

Additional information: Unable to find credentials

I have a credentials file fully accessible by the server's user and I use the following to tell the AWS SDK where the file is located and the profile name:

AWSConfigs.AWSProfileName = "example-user";
AWSConfigs.AWSProfilesLocation = Environment.CurrentDirectory + "/example-dir/credentials";

..however crashes at the following line with the error message:

AmazonSimpleEmailServiceClient client = new AmazonSimpleEmailServiceClient(REGION);

I checked out this answer on Amazon.Runtime.AmazonServiceException: Unable to find credentials which suggests that profiles should be in the application's configuration file, like so:

<appSettings>
    <add key="AWSProfilesLocation" value="C:\awsfile\credentials" />
    <add key="AWSRegion" value="us-east-1" />
</appSettings>

...this results in the exact same error.

What am I doing wrong? The AWSConfigs.* code has been working for around six months now without issue, this started happening when my project took a hiatus and I restored it from its Git repository. I cannot remember which version of Visual Studio I used before but I'm currently using 2015 (update 3).

I did however get this to work by adding the credentials as system environment variables, but this isn't a permanent solution for security reasons.

If I download earlier commits, build them and run them, I get the exact same error. I'm thinking this is either something to do with the version of Visual Studio I'm using, but can't think of any reasons why this could be.

The AWS SDK and .NET versions have always been the same so it shouldn't be incompatibility (2.3.55.2 for the AWS SDK and .NET 4.6.1).

AStopher
  • 4,207
  • 11
  • 50
  • 75
  • 2
    Shouldn't `AWSProfilesLocation` point to a file, not a folder? – Mark B Oct 20 '17 at 14:45
  • Mark's comment is correct about location being a file and not a folder. Also use an IAM Role for credentials instead of application hard coding if this is an EC2 instance. – John Hanley Oct 20 '17 at 16:10
  • 1
    Are you running your code on an Amazon EC2 instance, or an on-premises server? – John Rotenstein Oct 20 '17 at 20:30
  • @JohnRotenstein EC2, I admittedly haven't looked at IAM roles so that's something I plan to look into. – AStopher Oct 21 '17 at 07:58
  • @MarkB Apologies, missed out the file name when I was changing the paths for the sample code. Fixed. – AStopher Oct 21 '17 at 07:58
  • Have you tried upgrading to the 3.3.x sdk release? It is mysterious that it stopped working. But it may be easier to diagnose if using the latest SDK. – sfuqua Feb 06 '18 at 14:27
  • @sfuqua This question is more than a year old, and at the time it was posted 2.3.55.2 was the latest version. I got it to work by placing the credentials as environment variables. – AStopher Feb 06 '18 at 15:15

1 Answers1

0

If you are running applications on an Amazon EC2 instance and those applications require AWS credentials, the best-practice advice is:

  • Never put credentials in your code
  • Assign an IAM Role to the instance and the SDK will automatically use those credentials

Even when you're running an application on a non-EC2 instance, avoid putting credentials in code. Instead, put them in environment variables or configuration files.

See: Configuring AWS Credentials for .Net applications

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470