Coder Social home page Coder Social logo

truemark / aws-cli-docker Goto Github PK

View Code? Open in Web Editor NEW
0.0 8.0 1.0 89 KB

Modified docker image based on amazon/aws-cli with added OIDC and STS functions.

License: BSD 3-Clause "New" or "Revised" License

Dockerfile 11.46% Shell 88.54%
aws docker

aws-cli-docker's Introduction

AWS CLI Docker Image

This project produces a multi-architecture docker image with minimal layers containing the AWS CLI and a few other useful tools.

Architectures

  • linux/amd64
  • linux/arm64

Operating Systems

  • ubuntu-focal
  • ubuntu-jammy
  • debian-bullseye
  • debian-bullseye-slim
  • debian-bookworm
  • debian-bookworm-slim
  • amazonlinux-2
  • amazonlinux-2022
  • amazonlinux-2023
  • alpine-3.16
  • alpine-3.17

Installed Packages

  • tar
  • zip
  • unzip
  • gzip
  • bzip2
  • curl
  • jq
  • findutils

How do I use this docker image?

Authentication using an IAM user

docker run -it --rm \
  -e AWS_ACCESS_KEY_ID="YOUR_ACCESS_KEY_ID" \
  -e AWS_SECRET_ACCESS_KEY="YOUR_SECRET_ACCESS_KEY" \
  truemark/aws-cli:latest

Alternative example using an IAM user

docker run -it --rm truemark/aws-cli:latest
export AWS_ACCESS_KEY_ID="YOUR_ACCESS_KEY_ID"
export AWS_SECRET_ACCESS_KEY="YOUR_AWS_SECRET_ACCESS_KEY"
initialize

Example using an IAM user and switching roles

docker run -it --rm \
  -e AWS_ACCESS_KEY_ID="YOUR_ACCESS_KEY_ID" \
  -e AWS_SECRET_ACCESS_KEY="YOUR_SECRET_ACCESS_KEY" \
  -e AWS_ASSUME_ROLE_ARN="YOUR_ROLE_ARN" \
  -e AWS_ROLE_SESSION_NAME="YOUR_SESSION_NAME" \
  truemark/aws-cli:latest

Example using OIDC authentication and switching roles

docker run -it --rm \
  -e AWS_OIDC_ROLE_ARN="YOUR_ACCESS_KEY_ID" \
  -e AWS_WEB_IDENTITY_TOKEN="YOUR_OIDC_TOKEN" \
  -e AWS_ASSUME_ROLE_ARN="YOUR_ROLE_ARN" \
  -e AWS_ROLE_SESSION_NAME="YOUR_SESSION_NAME" \
  truemark/aws-cli:latest

Example using codeartifact support (OIDC + CODEARTIFACT)

docker run -it --rm \
  -e AWS_OIDC_ROLE_ARN="YOUR_ACCESS_KEY_ID" \
  -e AWS_WEB_IDENTITY_TOKEN="YOUR_OIDC_TOKEN" \
  -e AWS_ASSUME_ROLE_ARN="YOUR_ROLE_ARN" \
  -e AWS_ROLE_SESSION_NAME="YOUR_SESSION_NAME" \
  -e AWS_CODEARTIFACT_DOMAIN="YOUR_CODEARTIFACT_DOMAIN" \
  -e AWS_CODEARTIFACT_REPO="YOUR_CODEARTIFACT_REPO" \
  truemark/aws-cli:latest

What are all the environment variables supported by this image?

Environment Variable Description
AWS_ACCESS_KEY_ID Optional access key if using default AWS authentication.
AWS_ASSUME_ROLE_ARN Optional role to assume.
AWS_CODEARTIFACT_DOMAIN AWS Codeartifact domain
AWS_CODEARTIFACT_REPO AWS Codeartifact repository
AWS_ECR_OIDC_ROLE_ARN Optional role to assume if using AWS OIDC authentication.
AWS_ECR_ASSUME_ROLE_ARN Optional role to assume when doing ECR login.
AWS_ECR_REGION Region for ECR login. Ignored if AWS_ECR_ACCOUNT_ID is not set.
AWS_ECR_ACCOUNT_ID Account ID for ECR login. Ignored if AWS_ECR_REGION not set.
AWS_EXCLUDE_ACCOUNT_IDS Account IDs to exclude when using aws_organization_account_ids function.
AWS_EXCLUDE_OU_IDS AWS Organizational units to exclude when using aws_organization_account_ids.
AWS_OIDC_ROLE_ARN Alternative variable to AWS_ROLE_ARN.
AWS_ROLE_ARN Optional role to assume if using AWS OIDC authentication.
AWS_ROLE_SESSION_NAME Optional session name used in audit logs used when assuming a role.
AWS_SECRET_ACCESS_KEY Optional secret access key if using default AWS authentication.
AWS_SESSION_TOKEN Optional session token used with temporary credentials.
AWS_WEB_IDENTITY_TOKEN Optional OIDC token if using AWS OIDC authentication.
AWS_WEB_IDENTITY_TOKEN_FILE Optional token file if using AWS OIDC authentication.
GIT_CRYPT_KEY Optional base64 encoded git-crypt key used to unlock the git repository with git-crypt.
GIT_CRYPT_KEY_FILE Optional git-crypt key file used to unlock the git repository with git-crypt.
LOCAL_PATH Optional value to change working directories.

Maintainers

License

The contents of this repository are released under the BSD 3-Clause license. See the license here.

aws-cli-docker's People

Contributors

erikrj avatar cedwards avatar dependabot[bot] avatar siddarthancha avatar tvc123 avatar

Watchers

avatar Orlando Quero avatar Michael Dollar avatar James Cloos avatar Pieter Van der Vyver avatar Brian Abbott avatar victor vergunov avatar avatar

Forkers

journeylab-tech

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.