We have an on prem application & we want to use AWS Secrets for storing things like DB connection strings.
I've found an example using Azure (https://github.com/aspnet/MicrosoftConfigurationBuilders/blob/main/docs/KeyValueConfigBuilders.md)
I've adapted this to try to use AWS in a KeyValueConfigBuilder derived class. This is the LazyInitialize override which fetches the Profile Location and Profile Name from appsettings (we'll inject the values for these settings via Azure Devops)
protected override void LazyInitialize(string name, NameValueCollection config)
{
base.LazyInitialize(name, config);
ProfilesLocation = UpdateConfigSettingWithAppSettings(ProfilesLocationTag);
Region = UpdateConfigSettingWithAppSettings(RegionTag);
ProfileName = UpdateConfigSettingWithAppSettings(ProfileNameTag);
SecretGroups = UpdateConfigSettingWithAppSettings(SecretGroupsTag).Split(',').ToList();
Environment = UpdateConfigSettingWithAppSettings(EnvironmentTag);
var chain = string.IsNullOrEmpty(ProfilesLocation) ? new CredentialProfileStoreChain() :
new CredentialProfileStoreChain(ProfilesLocation);
chain.TryGetAWSCredentials(ProfileName, out var credentials);
IAmazonSecretsManager client = new AmazonSecretsManagerClient(credentials);
}
Unfortunately, the TryGetAWSCredentials line throws an exception:
InvalidOperationException: The ConfigurationBuilder 'AwsSecrets[SecretsWebApplication.Configuration.MyCustomConfigBuilder]' has recursively re-entered processing of the 'appSettings' section.
Drilling into TryGetAWSCredentials, it seems that the AWSConfigs static constructor is doing lots of configuration reading:
internal static string _awsRegion = AWSConfigs.GetConfig(nameof (AWSRegion));
Is there a way of instantiating AmazonSecretsManagerClient without it attempting to read appsettings?