I develop NET Core app working with S3. It works ok. I create S3 client using one of ways: regional endpoint only - in this case used stored on my computer profile accKey+secKey+regional endpoint - it works
My question is: I will provide my app to customers. How they will use the app: with my keys or they should have a aws profile on every computer?
May be I need use acckey+secKey from app config and then customer can enter there its own keys? How should I provide Lambda NET6 working with S3: keys? What is the best way?
There is no way a user of your app would need to supply their own keys to run your .NET app. Its not the way AWS works. The app should always run using the keys owned by the business. As far as Lambda and .NET (or any SDK), AWS Lambda functions run using a configured IAM Role that has permission to invoke a given AWS Service.
For information about developing an app using .NET SDK that uses Lambda and invoking AWS Services, I recommend that you read the document linked below. Even better, follow it step by step to gain a deeper understanding of how all of these concepts work.
This document covers developing a Photo Asset Management (PAM) app that uses Amazon Rekognition to categorize images, which are stored with Amazon S3 Intelligent-Tiering for cost savings. Users can upload new images that are analyzed with label detection. Those labels are then stored in an Amazon DynamoDB table.
Users can later request a bundle of images associated with a list of labels. When images are requested, they are retrieved from Amazon Simple Storage Service (Amazon S3), zipped, and the user is sent a link to download the resulting zip file.
Create a photo asset management application with the SDK for .NET (v3)