Getting Started With Your .NET App on AWS – Part 1 Setup

awslogoAWS has many services. AWS provides nearly 100 services: many types of virtual servers, several types of storage services, ways for you to build and deploy your application on virtual networks. machine learning.

For our simple web application, in this series I’ll start with AWS Elastic Beanstalk. But you can also deploy .NET applications to AWS Lamdba for serverless apps or to Docker Containers on ECS. AWS supports the AWS Management Console or Git or Eclipse or Visual Studio to upload the application. This walkthrough will use Visual Studio.


But the real reason for using Elastic Beanstalk — it handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. It means I can get started with my web application in the same tooling that you have been writing code for other platforms.

But first you will want to set up AWS and Visual Studio.

Step 1. Get an AWS Account

You get started by creating an AWS account. It does not need to be the same as your Amazon account. And although you need to provide your credit card, you can restrict your account to the free tier.


Start by clicking Create an AWS Account. You will be asked to provide a password, Next, on the next several pages, you’ll be asked for your phone, address contact information, and credit/debit card information. Have your phone ready. Amazon will ask you to verify your new account with a code.

You will have a choice for a support plan:

  • Free. Provides self service access to forums and can perform best practice checks. You also get access to health status and notifications.
  • Developer Plan. You get email access to AWS support during business hours. One contact can open an unlimted number of support cases. You get a 12-hour response time for nonproduction systems.
  • Business Plan. This is for production workloads. You get round-the-clock chat, phone and email access and a one-hour response for production.

Be sure to remember your Account ID, IAM user name and password. Your IAM User name is the email address you used to sign up — for now. In a future step, you will set up users who will not have root access (global admin access).

Sign in to your new account

When you log out, you’ll need to sign back in.


Go to and click the Sign in to the Console button. Depending on the width of your browser, the button can be along the top of the page or in the graphic in the center.


My browser remembered my AccountID, but not my IAM user name.

Set your region

You can set the region you’ll work in. On the menu bar next to your name, you will see the name of your region. You can click the region and select a different region.


A region is a georgraphical area. Each region has multiple, isolated availability zones. You ca think of an availability zone as a data center — with separate power and resources — within a region.

Step 2. Create your first app

You are ready to take make your first app. In this section, you will set up the default .NET application running IIS on Windows Server. And then you will

Note: It will take a few minutes for AWS to build your account. I recommend a cup of coffee, but other beverages are welcome. If you start the process of building your app right away, you’ll could get an error that says the EC2 service is not available.

Create an Hello World app

After you sign in, click Services along the top menu. You will get a list of what’s available. Type Elastic Beanstalk in the search menu (or click it under the Compute category). It will take you to the Elastic Beanstalk home page.

Next, select your platform. You can pick .NET, which provides you with IIS 10.0 on 64bit Windows Server 2016 v1.2.0. (Saving Docker containers for another time.) Click Launch Now.


Elastic Beanstalk will set up a default environment for you.


Once it is complete, check the configuration, logs, monitoring, alarms, events, and tags by clicking on the menus on the left side. For example, by clicking on Events, you can seeyour startup events.


Click on the URL you created to see your application running in AWS.


Your first app is up and running in the root user account, which you will learn more about in a following section in this post.

Clean up

One of the big benefits of cloud is that you can turn off your application when you are not using it.

To clean up our resources, Elastic Beanstalk cleans up all AWS resources associated with your environment, including EC2 instances, DB instance, load balancer, security groups, CloudWatch alarms, etc.

Click Actions drop down menu. Click Terminate Environment. Confirm that you want to delete the environment by typing in the enviornment name and click Confirm.

Let’s finish getting the pieces you need to write code in Visual Studio and get your User name set up.

Step 3. Get AWS Toolkit for Visual Studio

The AWS Toolkit for Visual Studio gives you:

  • Templates for sample code for how you can write to the AWA API
  • AWS Explorer to see into your AWS services.

The AWS Toolkit supports the use of Visual Studio 2010 and higher. There’s a different version for each of the other major releases.You can get toolkit for Visual Studio 2017 is available in the Visual Studio Marketplace.

The installation process consists of working through a relatively standard Windows Setup wizard.


Once the toolkit is installed, you will see the templates available. The project templates give you a starting point for AWS console and web applications. For example, when you create a New Project, you will see the templates for AWS under C#.


AWS Explorer

You will also find the AWS Explorer in Visual Studio’s Views menu. As your application runs, you can use the AWS Explorer to view the AWS resources used by the application. For example, if your application creates buckets in Amazon S3, you can use AWS Explorer to view those buckets and their contents.

The following view shows you what it will look like after you have set up your IAM account and started the view.


You are just about ready to create your first AWS Web project. But first…

Step 4. Create an IAM account

You can get started using your root user credentials. In Step 1 you created a root user. It is a single sign-in identity with complete access to all AWS services and resources in the account. You use those credentials to sign in using the email address and password that you used to create the account.

But you do not want to use the root user account for your everyday tasks, even the administrative ones.

ESSENTIAL TIP:  Use the best practice of using the root user only to create your first IAM user. Then securely lock away the root user credentials and use them to perform only a few account and service management tasks.

IAM Features

IAM gives you:

  • Shared access. You can grant other people permission to administer and use resources without sharing your password or access key.
  • Granular permissions. You can give different permission to different resources.
  • Secure access. Give applications access to access needed resources, such as databases.
  • Multifactor authentication. 
  • Identity federation. So you can give access to others in your organization using the same credicatials they are already using.
  • Identity infornation. If yo use AWS Cloud Trail, you receive logs about who made requests to your resources.
  • PCI DSS compliance. IAM supports the processing, storage, and transmission of credit card data by a merchant or service provider

You want these features. See Understanding How IAM Works for more details about IAM. In the meantime, you can get started setting up IAM Account you can use in Visual Studio.

Create an IAM Account

To create an IAM account, log into AWS and go to


Next, select the Users tab and click Add User . You will asked to enter a name for each user account that you want to create. Make sure that the Generate an Access Key by checking the Programmatic access and check if you want to allow AWS Management Console access.


Click Next Permissions.

Create a Group

You will want to control permissions at the group level, rather than assigning permissions to an individual user account. Create a group, add the applicable permissions, and then join your IAM account to the group.

Click Create Group. Enter a name for the group. Enter a group name and inspect the list of policies to assign to the group. Eventually you will want to choose the policy that best matches the level of access that will be required by your IAM account. If you are unsure of which policy to choose, then try the AdministratorAccess policy.


Click Create Group. Click Next Review. Click Create User.

Invite User

The group and your new user have been created. You can now click Send Email to inviation to your user.


You can download the csv file that includes the credentials. Those credentials hold whatever powers you granted to the user in the policy.

The Internet is full of storied with exposed credentials. Nicholas Kyriakides honestly writes, “Hackers scour with bots Github and other public sites for these exact access tokens so they can mine Bitcoins from your AWS account. I’ve accrued 8k in monthly costs on my AWS once because of this. Also, if you put any credentials public, change your access token ASAP.”

[Here is what to do if you mess this up by exposing your AWS credentials. Spoiler alert, it’s bad.]

IMPORTANT NOTE: Save the credentials.csv file in a safe place. Do not put the credentials in your code. Do not put them a place where they can even get checked into your code repository.  Do not check your keys into GitHub.

The credentials are for the user only. And you will need the credentials to link up your IAM Account to AWS Toolkit in Visual Studio.

Step 4. Link the IAM Account to AWS Toolkit in Visual Studio

Startup Visual Studio. Click View menu, click AWS Explorer menu item.


Next you will create a new account profile. Click the New Account Profile button; it’s the leftmost button along the profile dropdown.


Each profile is bound to a single set of credentials, and the credentials are encrypted and stored in Visual Studio’s SDK Store.

Upload the csv file into the New Account Profile dialog box. Type a profile name and the account number that you created in Step 1.


If you need to find your account number, you can find your account number by opening the AWS dashboard, clicking on your name (in the upper, right corner), and then clicking on My Account. The Account Settings screen lists an Account ID. This is your account number.


Once you have this set up, you are ready to deploy your .NET apps into AWS. You can deploy to Elastic Beanstalk or Lambda or Containers.

You can view your deployments in AWS. Each tool displayed in AWS Explorer has an interface correstponding to that tool.  For example, if you were to expand the Amazon EC2 container and click on Volumes, then the EBS Volumes interface would be displayed. This interface contains buttons for performing tasks such as creating and deleting volumes, creating snapshots, and refreshing the display.

Some of the tools  provide additional tabs being added to Visual Studio interface, although not every container has a corresponding tab. Tools that do not contain tabs do not appear to do anything when clicked. However, right clicking on this tool reveals an option to create a bucket. Some of the other containers also provide right click functionality.

Next Steps