I have an API server running in a Docker container, and the Docker container runs on an AWS EC2 instance.
Is it possible to make the server execute AWS CLI commands without putting my AWS credentials on the Docker container?
Because I think the AWS credentials should only be placed on my local machine.
I don't think it is safe to place it on a remote machine which can be accessed by other people.
When you use a shared profile that specifies an AWS Identity and Access Management (IAM) role, the AWS CLI calls the AWS STS AssumeRole operation to retrieve temporary credentials. These credentials are then stored (in ~/.aws/cli/cache).
You can access the features of Amazon Elastic Compute Cloud (Amazon EC2) using the AWS Command Line Interface (AWS CLI).
To access AWS services with the AWS CLI, you need an AWS account, IAM credentials, and an IAM access key pair. When running AWS CLI commands, the AWS CLI needs to have access to those AWS credentials. To increase the security of your AWS account, we recommend that you do not use your root account credentials.
Yes. Attach an IAM role to your EC2 instance. No need to place the AWS credentials in the EC2 instance. Your application/CLI will get the credentials automatically.
IAM Roles for Amazon EC2
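
A pre-flight check for the setup the answer describes, added here as an example and not part of the original answer. Environment variables and the shared credentials file rank above the instance role in the AWS CLI credential chain, so leftover static keys in the container would be used instead of the role. The function names are hypothetical; `aws sts get-caller-identity` is the real CLI call.

```bash
#!/usr/bin/env bash
# Added example: run inside the container before relying on the instance role.

# Print each static credential source found; return 0 if any exist, 1 if none.
# $1 = home directory to inspect (defaults to $HOME).
find_static_aws_creds() {
  local home_dir="${1:-$HOME}"
  local found=1
  local f
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ] || [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo "env: AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY is set"
    found=0
  fi
  for f in "$home_dir/.aws/credentials" "$home_dir/.aws/config"; do
    if [ -f "$f" ] && grep -Eqi '^[[:space:]]*aws_secret_access_key[[:space:]]*=' "$f"; then
      echo "file: $f contains aws_secret_access_key"
      found=0
    fi
  done
  return "$found"
}

# Classify an access key ID by prefix: long-term IAM user keys start with
# AKIA, temporary STS credentials (what a role hands out) start with ASIA.
key_kind() {
  case "$1" in
    AKIA*) echo "long-term" ;;
    ASIA*) echo "temporary" ;;
    *)     echo "unknown" ;;
  esac
}

# Needs network access and an attached role, so it is defined but not called here.
verify_instance_role() {
  if find_static_aws_creds "$HOME"; then
    echo "Remove the static credentials above before relying on the role." >&2
    return 1
  fi
  # Expected Arn shape: arn:aws:sts::<account>:assumed-role/<role-name>/<instance-id>
  aws sts get-caller-identity --query Arn --output text
}
```

If `verify_instance_role` cannot reach credentials from inside a bridge-networked container while the host can, check the instance's IMDSv2 hop limit: the default of 1 stops the metadata response at the host, and containers need 2.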