AWS SDK for .NET
The AWS SDK for NET
Getting started
-
Assign to the service account the roles required for your project, e.g., storage.editor for a bucket (to work with a particular bucket) or a folder (to work with all buckets in this folder). For more information about roles, see Access management with Yandex Identity and Access Management.
To work with objects in an encrypted bucket, a user or service account must have the following roles for the encryption key in addition to the
storage.configurer
role:kms.keys.encrypter
: To read the key, encrypt and upload objects.kms.keys.decrypter
: To read the key, decrypt and download objects.kms.keys.encrypterDecrypter
: This role includes thekms.keys.encrypter
andkms.keys.decrypter
permissions.
For more information, see Key Management Service service roles.
-
As a result, you will get the static access key data. To authenticate in Object Storage, you will need the following:
key_id
: Static access key IDsecret
: Secret key
Save
key_id
andsecret
: you will not be able to get the key value again.
Note
A service account is only allowed to view a list of buckets in the folder it was created in.
A service account can perform actions with objects in buckets that are created in folders different from the service account folder. To enable this, assign the service account roles for the appropriate folder or its bucket.
Installation
To install the AWS SDK for.NET, follow the instructions
Configuration
-
Create a directory to store the authentication data in and navigate to it:
For macOS and Linux:
mkdir ~/.aws/
For Windows:
mkdir C:\Users\<username>\.aws\
-
In the
.aws
directory, create a file namedcredentials
, copy the credentials you got earlier, and paste them into it:[default] aws_access_key_id = <static_key_ID> aws_secret_access_key = <secret_key>
-
Create a file named
config
with the default region settings and copy the following information to it:[default] region = ru-central1 endpoint_url = https://storage.yandexcloud.net
Note
Some apps designed to work with Amazon S3 do not allow you to specify the region; this is why Object Storage may also accept the
us-east-1
value.
Features
- The AWS SDK for .NET incorrectly handles lifecycle configurations that contain no rule description (ID). Make sure to add a description to each lifecycle rule.
- To access Object Storage, e.g., when working with the
AmazonS3Config
class, use thes3.yandexcloud.net
address.
Code examples
To connect to Object Storage, use this code:
AmazonS3Config configsS3 = new AmazonS3Config {
ServiceURL = "https://s3.yandexcloud.net"
};
AmazonS3Client s3client = new AmazonS3Client(configsS3);
Here is an example of a .NET AWS SDK based program that, when you run it, will create a bucket, upload an object into it, delete the object, and delete the bucket:
using Amazon.Runtime;
using Amazon.S3;
using Amazon.S3.Model;
namespace Example
{
public static class Program
{
public static async Task Main()
{
var testBucketName = "your-unique-bucket-name";
var uploadObjectKey = "object-key";
AmazonS3Client s3client = null;
try
{
// Configuring your S3 client
AmazonS3Config configsS3 = new AmazonS3Config {
ServiceURL = "https://s3.yandexcloud.net",
};
s3client = new AmazonS3Client(configsS3);
// Creating a bucket
Console.WriteLine($"Creating bucket {testBucketName}");
try
{
await s3client.PutBucketAsync(new PutBucketRequest
{
BucketName = testBucketName,
UseClientRegion = true
});
Console.WriteLine($"Bucket '{testBucketName}' created successfully.");
}
catch (AmazonS3Exception ex) when (ex.StatusCode == System.Net.HttpStatusCode.Conflict)
{
Console.WriteLine($"Bucket '{testBucketName}' already exists. Continuing with existing bucket.");
}
// Uploading an object
Console.WriteLine($"Uploading object to bucket '{testBucketName}'.");
try
{
await s3client.PutObjectAsync(new Amazon.S3.Model.PutObjectRequest
{
BucketName = testBucketName,
Key = uploadObjectKey,
ContentBody = "Hello World!"
});
Console.WriteLine("Object was uploaded successfully.");
}
catch (AmazonS3Exception ex)
{
Console.WriteLine($"Error uploading object: {ex.Message}");
throw; // Re-throw to be caught by outer try-catch
}
// Deleting the object
Console.WriteLine($"Deleting object with key '{uploadObjectKey}'");
try
{
await s3client.DeleteObjectAsync(new Amazon.S3.Model.DeleteObjectRequest
{
BucketName = testBucketName,
Key = uploadObjectKey
});
Console.WriteLine($"Object with key '{uploadObjectKey}' was deleted successfully");
}
catch (AmazonS3Exception ex)
{
Console.WriteLine($"Error deleting object: {ex.Message}");
throw; // Re-throw to be caught by outer try-catch
}
// Deleting the bucket
Console.WriteLine($"Deleting bucket with name '{testBucketName}'");
try
{
await s3client.DeleteBucketAsync(new Amazon.S3.Model.DeleteBucketRequest
{
BucketName = testBucketName
});
Console.WriteLine($"Bucket '{testBucketName}' was deleted successfully");
}
catch (AmazonS3Exception ex)
{
Console.WriteLine($"Error deleting bucket: {ex.Message}");
// If you need to forcibly delete a non-empty bucket, you can add the code here
throw; // Re-throw to be caught by outer try-catch
}
}
catch (AmazonS3Exception ex)
{
Console.WriteLine($"Amazon S3 Error: {ex.ErrorCode}, Message: {ex.Message}");
Console.WriteLine($"Status code: {ex.StatusCode}, Request ID: {ex.RequestId}");
}
catch (AmazonServiceException ex)
{
Console.WriteLine($"Amazon Service Error: {ex.ErrorCode}, Message: {ex.Message}");
}
catch (Exception ex)
{
Console.WriteLine($"General error: {ex.Message}");
Console.WriteLine(ex.StackTrace);
}
finally
{
// Disposing of resources correctly
s3client?.Dispose();
}
}
}
}