Refreshing credentials used by already instantiated clients #124
-
|
I am using credentials from Cognito with a few different AWS services (eg. CloudWatch, SQS and SecretsManager). The processen are long running and as such eventually the tokens expire and I need to use the refresh token to get new credentials. However, when this happens I will already have instantiated the clients with the cognito credentials. Using the cloudwatch client as an example: private static void ConfigureSerilogLogger(LoggerConfiguration configuration, CognitoAWSCredentials credentials, RegionEndpoint region)
{
var client = new AmazonCloudWatchLogsClient(credentials, region);
configuration
// ... some additional log config
.WriteTo.AmazonCloudWatch(
cloudWatchClient: client,
logGroup: "SomeLogGroup",
logStreamPrefix: "SomeStream",
createLogGroup: false,
appendUniqueInstanceGuid: false,
appendHostName: false,
textFormatter: new ExpressionTemplate(logOutputTemplate))
}Here the |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
@archevel The tokens received via Cognito have the |
Beta Was this translation helpful? Give feedback.
-
|
Hello! Reopening this discussion to make it searchable. |
Beta Was this translation helpful? Give feedback.
@archevel The tokens received via Cognito have the
ExpirationTime. The logic to refresh the tokens and reinitialize existing clients should be build within the application, may be using timer to be triggered based on value of expiration time. The StackOverflow post https://stackoverflow.com/questions/54938342/how-to-update-token-using-refresh-token-in-mvc-client-application throws some idea for ASP.NET MVC application, there might be better solutions available though. This library would not refresh token automatically.