Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Getting AWS Credentials into a Docker Container without Hardcoding It

0

Hello, I have an application that writes and reads data in S3.

  1. When running this application in eg AppRunner, credentials are passed through roles and policies (this works)
  2. When I run the application directly from Visual Studio, the credentials are taken from the locally configured credentials file in C:\Users\user.aws. (this works)

However, I have a problem with passing the credentials as I want to run the application in the docker container, but locally, how to pass these credentials during e.g. docker run? I've tried several ways before, but none of them worked

As part of the tests, I even did something like this, but it also doesn't work:

docker run -e AWS_ACCESS_KEY_ID=<my_aws_access_key> -e AWS_SECRET_ACCESS_KEY=<my_aws_secret_access_key> -e AWS_DEFAULT_REGION=us-east-1 -p 8081: 8080 test040722: 1.0

Tópicos
DevOpsMicrosserviços.NET na AWS
Tags
DevOpsMicrosserviços.NET na AWS
Idioma
English
AWS-Arthur
feita há 2 anos867 visualizações
4 Respostas
1

This confirms that the credentials are being passed on to the container. I assumed that the application should be able to read the environment variable but you need to debug if the application is able to do so or does it need it in some other file or location. Or maybe some sort of conditional handling to fetch the credentials from diff sources depending on where you are running the application on. From my experience in Linux, python SDK has various methods to read credentials. Something similar should also be the case with .NET

--Syd

profile picture
Syd
respondido há 2 anos
0

Unless it was a typo or oversight when creating this Support Q, the command you used has unexpected spaces. It should be as follows:

docker run -e AWS_ACCESS_KEY_ID=<my_aws_access_key> -e AWS_SECRET_ACCESS_KEY=<my_aws_secret_access_key> -e AWS_DEFAULT_REGION=us-east-1 -p 8081:8080 test040722:1.0

What's the error you get when you execute the docker run command? If it's successful, does the container show up in the docker ps output? Also if you can access the container with docker exec, do the AWS* variables show up in the env command. I was successfully able to execute AWS CLI commands in a container by passing credentials in the manner listed above

--Syd

profile picture
Syd
respondido há 2 anos
0

hi, thanks for answer. It was an oversight after i paste this command here, I had no spaces in CLI. This command succeeds. The container is running. In the application, which is an API, I also have other methods (they don't need credentials), they all work fine. Only this one with credentials causes an error.

I can access into the container, when i used docker exec it show all env variables

HOSTNAME=4e4cb957094b
AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXX
AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXX
AWS_DEFAULT_REGION=us-east-1
ASPNETCORE_URLS=http://+:8080
DOTNET_RUNNING_IN_CONTAINER=true
DOTNET_VERSION=6.0.6
ASPNET_VERSION=6.0.6
HOME=/home/appuser
AWS-Arthur
respondido há 2 anos
0

Ok, it's all working fine now. I checked everything and my environment variables are passed correctly. But now i have second problem that i thought it was because those env variables.

I have error when i want to use my credentials (this error appears only when i want to use credentials in local docker container):

Amazon.Runtime.AmazonClientException: No RegionEndpoint or ServiceURL configured

I don't know why because I declared RegionEndpoint like this:

var client = new AmazonS3Client(awsCredentials, RegionEndpoint.EUWest1)

AWS-Arthur
respondido há 2 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante