AWS: Passing private configuration to a Docker container (via S3)

Philipp Garbe describes how to pass environment variables that you want to keep private to a public Docker instance run on Amazon Web Services (beanstalk or ECS) in his post How to Run HuBot in Docker on AWS EC2 Container Services - Part 3. The trick is:

  1. Put them into an file that you can source on S3 (and allow the appropriate EC2 IAM role to access it)
  2. As a part of your startup CMD, run aws s3 cp to fetch and then source it

Here is his example of the CMD from a Dockerfile:

CMD ["/bin/sh", "-c", "aws s3 cp --region eu-west-1 s3://your-bucket/ .; . ./; bin/hubot --adapter slack"]

See the full source code in his GitHub repo. Thanks for sharing, Phillipp!

Tags: DevOps

Copyright © 2024 Jakub Holý
Powered by Cryogen
Theme by KingMob