Forked from jzwiep/docker_compose_assume_iam_role.sh
Created
February 4, 2025 20:56
-
-
Save valmayaki/bd096e5539a8fec2fe80b802139d78c3 to your computer and use it in GitHub Desktop.
Assume a specific IAM role with a container via docker-compose
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Assume the role using locally configured AWS credentials, then pass the assumed role to the container via environment | |
| # variables! | |
| ASSUMED_ROLE=$(aws sts assume-role \ | |
| --role-arn "arn:aws:iam::000000000000:role/our-role-to-assume" \ | |
| --role-session-name "session_name" \ | |
| --output text) | |
| # 'docker-compose exec' seems to set the shell width incorrectly, here we overcome that by manually setting COLUMNS and | |
| # LINES! | |
| docker-compose exec \ | |
| -e COLUMNS=$(tput cols) \ | |
| -e LINES=$(tput lines) \ | |
| -e AWS_ACCESS_KEY_ID=$(echo $ASSUMED_ROLE | awk '{print $5}') \ | |
| -e AWS_SECRET_ACCESS_KEY=$(echo $ASSUMED_ROLE | awk '{print $7}') \ | |
| -e AWS_SESSION_TOKEN=$(echo $ASSUMED_ROLE | awk '{print $8}') \ | |
| container_name bash |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment