By using AWS re:Post, you agree to the Terms of Use

Credentials Changing

0

How do I stop credentials from changing every couple of hours?

Working on pushing docker images to an EC2 instance to train up machine learning algorithms and I need to access data on s3 during the training. My current credentials change every couple of hours and that makes it difficult to persist information within the docker containers.

  • Hello, without sharing credentials details, could you please provide more information on your authentication process ? Are you using AWS CLI ? or SDK ? or something else ? Thanks.

1 Answer
0

Hi, you don't say if your using your, host, EC2 role credentials in the docker container or have another process?

Depending on your docker base image and the libraries it supports you could:-

  • Use the AWS SDK in your code, something like boto3 (python) can automatically manage the refresh of the credentials
  • a background thread, goroutine etc. in your app code could periodically query the metadata service url @http://169.254.169.254/latest/meta-data/iam/security-credentials/yourole and update credential used in your S3 call
  • Generate static credentials (IAM user) with limited access and inject the Secret/Access keys into your container in environment variables, these wont change but can also be used outside of your VPC so need to be least privilege and should be rotated frequently to limit security issues.

hope this helps

answered 2 months ago
profile picture
EXPERT
reviewed 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions