Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS Lambda (NET6): What to use to replace appsettings.json?

0

I am developing AWS Lambda (NET6) function. Now it uses appsettings.json file for RDS connection string and some other config parameters. What in AWS can be used as a replacement for appsetings: AWS Parameter store, AWS SystemsManager etc?

Topics
Serverless.NET on AWSCompute
Tags
.NET on AWSAWS Lambda
Language
English
asked 3 years ago2.1K views
3 Answers
2

Your understanding is correct, you should consider using AWS Systems Manager parameter store, where you can create parameters in string form and retrieve them using boto3 in your lambda functions.

It supports three types:

  1. String
  2. StringList
  3. SecureString

You can simply put json strings as String type, it's just, after fetching the parameters from parameter store, you'd need to parse that for your required fields.

Lambda function execution role should have systems manager permissions.

SSM Get Parameter synopsis

SSM Parameter Permissions Documentation

Additional context: Though this is absolutely up to your use case and exact requirement, but to store DB credentials in AWS, it's always better to store those in secretsmanager as that provides auto rotation feature out of the box where parameter store doesn't.

Rotating secrets using secrets manager

Hope you find this information useful.

Comment here if you have additional questions, happy to help.

Abhishek

AWS
EXPERT
answered 3 years ago
  • Oleg
    3 years ago

    Thank you, yet another question to this: How to use Parameter Store in AWS Lambda (NET6) c# code? what should be added to code, what replaced in comparison with particular NET 6 code used appsettings.json?

  • secondabhi_aws EXPERT
    3 years ago

    Here is the code snippet for C# to fetch SSM parameters:

    // Define a function to fetch AWS SSM parameters function fetchSSMParameters(parameterNames) { var ssmClient = AwsSsmService.create(ssmConfig); var ssmParameters = ssmClient.getParameter(parameterNames);

    return ssmParameters; }

    // Define the AWS SSM configuration var ssmConfig = { region: "us-east-1", // Update with your desired AWS region accessKeyId: "YOUR_ACCESS_KEY_ID", secretAccessKey: "YOUR_SECRET_ACCESS_KEY" };

    // Example usage var parameterNames = ["ParameterName1", "ParameterName2"]; var ssmParameters = fetchSSMParameters(parameterNames);

    You may need to adjust/tweak based on your requirement but you may find this helpful for reference.

    Comment here if you have additional questions, happy to help.

  • Gary Mclean EXPERT
    3 years ago

    I’d Recommend using a role instead of keys

  • Oleg
    3 years ago

    A few questions:

    1. Should I add a service (SSM etc) in Startup?
    2. Can I read hierarchical parameters as you provided code sample? i.e. like parameters stored in appsettings.json?
    3. How can I view list of parameters I store in PS? I have found how to add but did not find how to view
  • Oleg
    3 years ago

    @Gary Mclean How to use role instead of keys? Any links to examples?

0

I have seen secrets used instead of app settings for dot NET applications previously.

Of course as you rightly state, you could use parameter store and also environment variables too.

All have pros and cons.

EXPERT
answered 3 years ago
  • Oleg
    3 years ago

    Thank you. Any links to how to use it in c# Lambda NET6 code?

0

Hello.
As you say the Systems Manager parameter store is useful.
Another option is to use Secrets Manager.
Especially with Secrets Manager, you can easily implement automatic password rotation, etc. in conjunction with RDS.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html
https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html

EXPERT
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content