amazon-web-services docker boto3 amazon-iam aws-secrets-manager

Best way to access AWS Services from docker container


Limitations:

  • I don't want to include my aws config file in docker container
  • I want it to work both on prod and development environment.

Things I tried:

  • I used IAM roles, but this works only on prod, not on the development environment.
  • I used the aws config file, but it works on the host, not in the docker container. And I don't want to copy it to the container.

Any advice on best practices about how to do that?

Update: To clarify the question: My problem is to find a common way to provide AWS credentials to both the development environment and production, both using Docker. By "I used IAM roles but this works only on prod" I meant I used taskRoleArn on the CloudFormation task definition, but this only affects prod, not the development environment. So I need to set credentials another way (like aws config) on the development environment.


Solution

  • For anyone interested, I solved my problem by following the instructions here about testing IAM roles: https://aws.amazon.com/blogs/compute/a-guide-to-locally-testing-containers-with-amazon-ecs-local-endpoints-and-docker-compose/ See the section related to "ECS Local Container Endpoints".
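
An added example, not part of the original question or answer: a preflight check to run inside the container that reports which credential source boto3 would reach first, so static keys or a copied AWS file are caught before they shadow the task role. It follows a simplified subset of botocore's lookup order; the function names and the `/creds` value in the sample run are assumptions made for illustration.

```python
import os

# Address botocore's container credential provider prepends to the relative URI.
ECS_CREDS_HOST = "http://169.254.170.2"


def credential_source(env, home, exists=os.path.isfile):
    """Simplified subset of botocore's default lookup order (assume-role,
    SSO and process providers are left out). Returns (source, detail)."""
    if env.get("AWS_ACCESS_KEY_ID"):
        return "env-static-keys", "AWS_ACCESS_KEY_ID is set in the environment"
    creds = env.get("AWS_SHARED_CREDENTIALS_FILE") or os.path.join(home, ".aws", "credentials")
    config = env.get("AWS_CONFIG_FILE") or os.path.join(home, ".aws", "config")
    for path in (creds, config):
        if exists(path):
            # Assumption: any AWS file inside the image is treated as a finding,
            # even though botocore only uses it if the profile holds credentials.
            return "aws-file-in-container", path
    relative = env.get("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI")
    if relative:
        return "container-role", ECS_CREDS_HOST + relative
    full = env.get("AWS_CONTAINER_CREDENTIALS_FULL_URI")
    if full:
        return "container-role", full
    return "none-before-imds", "no container endpoint configured"


def preflight(env, home, exists=os.path.isfile):
    """True only when the task-role path is the first source that matches."""
    source, detail = credential_source(env, home, exists)
    return source == "container-role", f"{source}: {detail}"


if __name__ == "__main__":
    ok, message = preflight(os.environ, os.path.expanduser("~"))
    print(("OK   " if ok else "FAIL ") + message)
    raise SystemExit(0 if ok else 1)
```

On ECS the agent sets `AWS_CONTAINER_CREDENTIALS_RELATIVE_URI` for tasks that have a task role; for local runs the variable has to be set on the application container so the same code path is exercised.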