By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

App Runner: Container access to AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

0

Hi,

I have an app runner instance with NodeJS14 + Strapi from a container, for some of the plugins I'm using they require an access key id, secret access key. How do I handle this situation? it doesn't look like they are set as environment variables by default?

Thanks.

Topics
ComputeContainers
Tags
AWS App Runner
Language
English
rePost-User-4420190
asked 2 years ago318 views
1 Answer
0

Hello,

You will need to provide an Instance Role during the App Runner service creation. The instance role is an optional role that App Runner uses to provide permissions to AWS API actions that your App Runner service would like to make.

Before creating the App Runner service, create an IAM role with the required custom or managed IAM policies and attach the below trust relationship to it.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "tasks.apprunner.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

After the IAM role is created and the trust-relationship added, specify this IAM role as the Instance Role during the AppRunner service creation. Please refer this document for more info on how to use the App Runner Instance Role.

If you are using the AWS SDK to perform AWS API calls, the SDK will use the credentials provided by your Instance Role and perform the required AWS API calls.

profile pictureAWS
SUPPORT ENGINEER
Venkat Penmetsa
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content