AWSSecretsManager.Provider

This is a modern, community-maintained fork of Kralizek/AWSSecretsManagerConfigurationExtensions, originally developed by Renato Golia.

It provides a configuration provider for Microsoft.Extensions.Configuration that loads secrets from AWS Secrets Manager.

---

🚀 What's New in This Fork

• ✅ Targeted to .NET 8 and .NET 9
• ✅ Converted to use System.Text.Json only
• ✅ Refactored structure for better modern SDK usage
• ✅ NEW: Comprehensive logging support with ILogger integration
• ✅ Published as a new NuGet package: AWSSecretsManager.Provider

---

🔧 Usage

ASP.NET Core Example

public class Program
{
    public static void Main(string[] args)
    {
        CreateHostBuilder(args).Build().Run();
    }

    public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureAppConfiguration((context, config) =>
            {
                config.AddSecretsManager(); // 👈 AWS Secrets Manager integration
            })
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup<Startup>();
            });
}

Console App Example

static void Main(string[] args)
{
    var builder = new ConfigurationBuilder();
    builder.AddSecretsManager();

    var config = builder.Build();
    Console.WriteLine("Secret: " + config["MySecret"]);
}

Your application must have AWS credentials available through the default AWS SDK mechanisms. Learn more here:
👉 AWS SDK Credential Config

📋 Logging Support

The provider includes comprehensive logging support for better observability:

// Using ILoggerFactory (recommended)
using var loggerFactory = LoggerFactory.Create(builder => builder.AddConsole());
builder.Configuration.AddSecretsManager(
    loggerFactory,
    configurator: options => options.PollingInterval = TimeSpan.FromMinutes(5));

// Using explicit ILogger
var logger = loggerFactory.CreateLogger<SecretsManagerConfigurationProvider>();
builder.Configuration.AddSecretsManager(
    logger,
    configurator: options => options.PollingInterval = TimeSpan.FromMinutes(5));

Log Levels:

• Information: Key operations (loading, reloading, polling status)
• Debug: Batch processing details and secret counts
• Trace: Individual secret processing and change detection
• Warning: Polling errors and missing secrets (when ignored)
• Error: Failed operations with full context

Example Log Output:

[Information] Loading secrets from AWS Secrets Manager
[Debug] Fetching 15 secrets in 1 batches
[Information] Successfully loaded 47 configuration keys in 1,234ms
[Information] Starting secret polling with interval 00:05:00

---

🔒 Configuration Options

This provider supports several customization options, including:

• Credentials: Pass your own credentials if needed.
• Region: Customize the AWS region.
• Filtering: Control which secrets are loaded via filters or explicit allow lists.
• Key generation: Customize how configuration keys are named.
• Version stage: Set version stages for secrets.
• Logging: Full logging support with ILogger integration for observability.
• LocalStack support: Override ServiceUrl for local testing.

📚 Samples

The repository includes comprehensive samples demonstrating different usage patterns:

Sample	Description	Key Features
Sample1	Basic Usage	Default credentials, default region, all secrets
Sample2	Region Configuration	Custom AWS region specification
Sample3	Credential Profiles	Using named AWS credential profiles
Sample4	Secret Filtering	Loading specific secrets by ARN allowlist
Sample5	Custom Key Generation	Transforming configuration key names (e.g., uppercase)
Sample6	Custom Client Factory	Advanced AWS client configuration
Sample7	Advanced Logging	Comprehensive logging, polling, and monitoring
SampleWeb	ASP.NET Core	Web application integration with endpoints

Each sample includes a detailed README with usage examples, prerequisites, and explanations. See the complete samples overview for setup instructions and learning progression.

---

📦 Installation

dotnet add package AWSSecretsManager.Provider

---

✅ Building Locally

This repo is built with the standard .NET SDK:

dotnet build
dotnet test

---

🙌 Acknowledgments

This project is based on the excellent work by Renato Golia and inspired by the broader .NET and AWS developer community.

---

📄 License

This project is licensed under the MIT License.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

Nick Cipollina 💻

This project follows the all-contributors specification. Contributions of any kind welcome!