Docker with AWS credentials stored externally

28mm / blast-radius

Interactive visualizations of Terraform dependency graphs using d3.js

https://28mm.github.io/blast-radius-docs/

MIT License

2.03k stars 256 forks source link

Docker with AWS credentials stored externally #67

Open jpvlsmv opened 4 years ago

jpvlsmv commented 4 years ago

I store my AWS credentials far, far away from my Terraform source code, preferring per-project access keys and a profile configured via aws configure. I add 2 additional options to my docker run command:

  -v ~/.aws:/root/.aws -e AWS_PROFILE=projectprofile \

Adding the volume ~/.aws gives the scripts access to the saved keys I have, and the environment tells which one to use.

Hope this may help somebody.

edobry commented 4 years ago

This was helpful, thank you @jpvlsmv!

My setup is slightly more complex, as I'm using an organization authentication account, and then assuming account profiles; I had to add some more flags, but this got it working for me:

 -v ~/path/to/org/aws/config/file:/root/terraform/aws \
 -v ~/.aws:/root/.aws \
 -e AWS_PROFILE="account-profile=name" \
 -e AWS_SDK_LOAD_CONFIG=1 \
 -e AWS_CONFIG_FILE="/root/terraform/aws/config" \