How to manage AWS credentials when running Docker container with Visual Studio 2017
Questions : How to manage AWS credentials when running Docker container with Visual Studio 2017
2022-08-02T00:32:25+00:00 2022-08-02T00:32:25+00:00
755
I have a .NET Core 2.0 console application anycodings_visual-studio-2017 developed using Visual Studio 2017. The anycodings_visual-studio-2017 launchSettings.json file sets an environment anycodings_visual-studio-2017 variable that allows it to use the anycodings_visual-studio-2017 developer's default AWS credentials
"environmentVariables": { "AWS_PROFILE": "default" ... }I have now added Docker support to the VS anycodings_visual-studio-2017 solution, and am trying to run the anycodings_visual-studio-2017 application in a Linux Docker container. Of anycodings_visual-studio-2017 course it fails with the following anycodings_visual-studio-2017 exception, as it is unable to find the anycodings_visual-studio-2017 profile:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain.What is the best way to pass AWS credentials anycodings_visual-studio-2017 to the Docker container in a development anycodings_visual-studio-2017 environment? I obviously don't want to put anycodings_visual-studio-2017 my credentials as environment variables in anycodings_visual-studio-2017 launchSettings.json as this file is anycodings_visual-studio-2017 committed to source control.
EDIT
Just to be clear, I am looking for a anycodings_visual-studio-2017 solution that allows my Docker container to anycodings_visual-studio-2017 access the developer's credentials when anycodings_visual-studio-2017 debugging in Visual Studio 2017 on the anycodings_visual-studio-2017 developer's machine. Release builds will be anycodings_visual-studio-2017 deployed to AWS and an IAM role will anycodings_visual-studio-2017 preclude the need for credentials. The anycodings_visual-studio-2017 credentials are in the file anycodings_visual-studio-2017 %USERPROFILE%\.aws\credentials and I'm anycodings_visual-studio-2017 looking for a solution that will enable me anycodings_visual-studio-2017 to use them from within the Docker container anycodings_visual-studio-2017 without exposing them elsewhere: hence I anycodings_visual-studio-2017 don't want to put them in anycodings_visual-studio-2017 launchSettings.json or any other file that anycodings_visual-studio-2017 launches the Docker container.
A solution I envisage could involve mounting anycodings_visual-studio-2017 the Windows drive in the Docker container anycodings_visual-studio-2017 (or at least the anycodings_visual-studio-2017 directory %USERPROFILE%\.aws\) then setting anycodings_visual-studio-2017 an environment variable anycodings_visual-studio-2017 (AWS_SHARED_CREDENTIALS_FILE ?) in the anycodings_visual-studio-2017 Docker container so that AWS automagically anycodings_visual-studio-2017 finds the credentials file.
I've no idea how to do this though, as I'm anycodings_visual-studio-2017 very new to Docker.
Total Answers 2
29
Answers 1 : of How to manage AWS credentials when running Docker container with Visual Studio 2017
The solution I went for was to edit the anycodings_docker docker-compose.override.yml file that anycodings_docker was added by Visual Studio Tools for anycodings_docker Docker, and add the following lines:
version: '3' services: mydockerapp: volumes: - ${USERPROFILE}/.aws:/root/.aws environment: - AWS_REGION=(your region) - AWS_PROFILE=defaultThis mounts the .aws directory anycodings_docker containing AWS credentials in the anycodings_docker appropriate place in the Docker anycodings_docker container (/root is the default HOME anycodings_docker directory), and sets environment anycodings_docker variables to select the profile and anycodings_docker region. The launchSettings.json file in anycodings_docker the .NET Core project is not used when anycodings_docker running in Docker.
0
2022-08-02T00:32:25+00:00 2022-08-02T00:32:25+00:00Answer Link
mRahman
4
Answers 2 : of How to manage AWS credentials when running Docker container with Visual Studio 2017
Thanks for Joe's answer, as /root was anycodings_docker key for me. This is what my anycodings_docker docker-compose.yml looks like for a anycodings_docker Java/Maven/Mac OSX environment:
volumes: # Map in the aws directory - ~/.aws:/root/.aws:ro:RO makes it read-only of course. It anycodings_docker was unnecessary for me to explicitly anycodings_docker define Region and Profile.
0
2022-08-02T00:32:25+00:00 2022-08-02T00:32:25+00:00Answer Link
joy