Configuration

View .md

Config layers the standard ASP.NET Core way — appsettings.json for defaults and structure, appsettings.<Env>.json for per-environment overrides — plus one layer on top: the stage environment declared in your manifest. What differs from a hand-rolled AWS setup is when the Parameter Store and Secrets Manager values resolve.

json
// appsettings.json — defaults and structure, committed to git{  "AppSettings": {    "DatabaseNamespace": "prod",    "AwsRegion": "eu-west-1",    "EnableHighAvailabilityCache": true  },  "CognitoIdentityProviderSettings": {    "Region": "eu-west-1",    "ApplicationIdentitySchema": "AppIdentity",    "UserPartitionKey": "user#"  }}

Secrets resolve at deploy, not at cold-start

A stage env value is a plain string, a param: Parameter Store reference, or a secret: Secrets Manager reference. Kanject resolves every reference once, at deploy, and writes the result into the function's environment variables. Your service reads them through the ordinary environment-variable configuration provider — ASP.NET Core's Section__Key convention maps a flat env var onto a nested config key — so it never calls Parameter Store or Secrets Manager itself, and cold-starts stay fast.

json
// stages/prod.json — environment values, resolved at deploy{  "env": {    "ASPNETCORE_ENVIRONMENT": "Production",    "CognitoIdentityProviderSettings__UserPoolId": "param:COGNITO_USER_POOL_ID",    "CognitoIdentityProviderSettings__ClientId":   "secret:app/prod/cognito#clientId"  }}

Only the param: / secret: reference lives in the committed stage file — never the value. See Core Concepts for the three env forms and where each resolves, and the Manifest Reference for the stage-file schema.

Was this page helpful?