3

I have been struggling to implement Secrets Manager on .NET Core. It always returns a SocketException and an HttpRequestException on the GetSecretValueAsync method call, while it is working on my colleague's PC.

SocketException: A socket operation was attempted to an unreachable network
HttpRequestException: A socket operation was attempted to an unreachable network
HttpRequestException SocketException

I have already set up the credentials file needed in the AWS default profile located at C:\Users\USERNAME.aws\credentials on Windows and also in each IIS App Pool .aws folder. All credentials are stored in UTF-8 format, previously ANSI.

Here is a sample of the credentials that I got with MFA authentication: AWS credentials file

Here is my AWS credentials configuration and folder location: Credentials location

Mostly my settings and my colleague's are the same. Now I'm almost at a dead end. If anybody has experience, or the AWS Web Services Team is willing to help me with the solution for this, please let me know. Thank you. Cheers.

var data = secretManager.GetSecretValueAsync(
    new GetSecretValueRequest { SecretId = configName }
).Result;

UPDATE: I found out the real issue here but still have no solution yet, because I can't really see where Secrets Manager gets the credentials from. And for your information, this method works on .NET Framework on my PC. Issue found

2 Answers

1

Need more info to help.

1. The path for AWS credentials is usually C:\Users\USERNAME\.aws\ not C:\Users\USERNAME.aws\
2. In this folder there should be a file named config where the region is defined. Put the region where the AWS Secrets Manager is configured. Here is an example:

[default]
region = us-east-1

If this is not helping, describe the configuration please.


5 Comments

Hi detzu, I have updated the question to fulfill your request. Thanks.

I understand you had this already configured. The endpoint is configured in your VPC? aws.amazon.com/blogs/security/…

Well, we don't use VPC endpoints but instead call the Secrets Manager API directly using the credentials provided. And it is already running on my colleague's PC.

I've just updated my post, in case you are still figuring it out. Thank you.

Yes, looks like you work on an EC2 inside the VPC? If yes, your EC2 should have a role assigned to it. This role is the one assigning rights to your EC2 to access Secrets Manager. Check what rule your EC2 has and what role the EC2 of your colleague has.

0

I have finally found out the real issue here. It is actually because I need to allow the IIS_IUSRS group user to access the IIS system profile folder. Thank you everyone!

IIS system profile folder

1 Comment

I think this error message should be a lot more clear though. It should say something like "Fail to retrieve aws credentials" or something, so that way it could have pointed you to the system profile folder. SocketException could be a lot of things and could lead someone down a ton of wrong rabbit holes.
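
The check that would have exposed the permission problem from the accepted answer: a diagnostic that reports which identity the process runs as, which shared credentials file the SDK resolves for that identity, and whether the file is readable. This is an added example, not code from the original posts; it assumes the AWSSDK.Core NuGet package (AWS SDK for .NET v3), and the class and method names are hypothetical.

```csharp
// Added diagnostic example; not code from the original posts.
// Assumes the AWSSDK.Core NuGet package (AWS SDK for .NET v3).
using System;
using System.IO;
using Amazon.Runtime;
using Amazon.Runtime.CredentialManagement;

public static class AwsCredentialDiagnostics // hypothetical helper name
{
    public static string Describe(string profileName = "default")
    {
        var report = new StringWriter();

        // Under IIS this is the app pool identity, not the developer's account.
        report.WriteLine($"Identity         : {Environment.UserDomainName}\\{Environment.UserName}");

        // Path the SDK resolves for the shared credentials file in this process.
        string path = SharedCredentialsFile.DefaultFilePath;
        report.WriteLine($"Credentials file : {path}");

        try
        {
            using (File.OpenRead(path)) { }
            report.WriteLine("File access      : readable");
        }
        catch (Exception ex) when (ex is UnauthorizedAccessException || ex is IOException)
        {
            // Missing file, or no read ACL for the identity printed above.
            report.WriteLine($"File access      : FAILED ({ex.GetType().Name})");
        }

        try
        {
            var chain = new CredentialProfileStoreChain();
            bool found = chain.TryGetAWSCredentials(profileName, out AWSCredentials creds);
            // Report only the credential type; never log key material.
            report.WriteLine(found
                ? $"Profile          : '{profileName}' resolved as {creds.GetType().Name}"
                : $"Profile          : '{profileName}' not found; the SDK falls through to its other providers");
        }
        catch (Exception ex)
        {
            report.WriteLine($"Profile          : lookup threw {ex.GetType().Name}");
        }
        return report.ToString();
    }
}
```

Call it from inside the IIS-hosted application (for example, log the result at startup) so that it runs under the app pool identity rather than your interactive account.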
