Is it possible to provide AcceptedArns through config file?

[mehul9595]

Hello,

I'm trying to decouple accepted ARNs list from the program.cs to a config file, I have my config options defined below in appsettings.json,

"SecretsManagerConfigurationProviderOptions": {
   "acceptedSecretArns": [ "my-arn" ]
 }

Then from the code, I just call the manager like below

 try
            {
                var config = builder.Build();
                logger?.Information("reading secure settings from secrets manager");
                builder.AddSecretsManager(region: RegionEndpoint.USWest2);
                config = builder.Build();
            }
            catch (Exception ex)
            {
                logger?.Error(ex, "Unable to configure SecretsManager");
            }
            return builder;

Here, I'm not sure if the accepdSecretArns would be passed down to the library since I don't have the environment to test AWS secrets manager. Could you share your thoughts if this is correct approach?
Also, I would like to make RegionEndpoint as configurable from the appsettings option, any thoughts if I can achieve this?

Thanks

[Kralizek]

Hi @mehul9595

As of right now it is not possible to do as you ask. It should be tested how is it possible to use the configuration system to configure a configuration provider. Unfortunately, I never tried it before.

[gao87926]

There is a walkaround, https://andrewlock.net/secure-secrets-storage-for-asp-net-core-with-aws-secrets-manager-part-2/

Basically, build you config first time, load appsettings, then addSecretManager can use the params from config, at the end, the builder have to build again