Created
July 27, 2018 18:21
-
-
Save jzwiep/ef031876d611d8e4e75e03a9e1a595bb to your computer and use it in GitHub Desktop.
Assume a specific IAM role with a container via docker-compose
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Assume the role using locally configured AWS credentials, then pass the assumed role to the container via environment | |
| # variables! | |
| ASSUMED_ROLE=$(aws sts assume-role \ | |
| --role-arn "arn:aws:iam::000000000000:role/our-role-to-assume" \ | |
| --role-session-name "session_name" \ | |
| --output text) | |
| # 'docker-compose exec' seems to set the shell width incorrectly, here we overcome that by manually setting COLUMNS and | |
| # LINES! | |
| docker-compose exec \ | |
| -e COLUMNS=$(tput cols) \ | |
| -e LINES=$(tput lines) \ | |
| -e AWS_ACCESS_KEY_ID=$(echo $ASSUMED_ROLE | awk '{print $5}') \ | |
| -e AWS_SECRET_ACCESS_KEY=$(echo $ASSUMED_ROLE | awk '{print $7}') \ | |
| -e AWS_SESSION_TOKEN=$(echo $ASSUMED_ROLE | awk '{print $8}') \ | |
| container_name bash |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment