The Holy Java

Building the right thing, building it right, fast

AWS: Passing private configuration to a Docker container (via S3)

Posted by Jakub Holý on July 29, 2015

Philipp Garbe describes how to pass environment variables that you want to keep private to a public Docker instance run on Amazon Web Services (beanstalk or ECS) in his post How to Run HuBot in Docker on AWS EC2 Container Services – Part 3. The trick is:

  1. Put them into an file that you can source on S3 (and allow the appropriate EC2 IAM role to access it)
  2. As a part of your startup CMD, run aws s3 cp to fetch and then source it

Here is his example of the CMD from a Dockerfile:

CMD ["/bin/sh", "-c", "aws s3 cp --region eu-west-1 s3://your-bucket/ .; . ./; bin/hubot --adapter slack"]

See the full source code in his GitHub repo. Thanks for sharing, Phillipp!

Sorry, the comment form is closed at this time.

%d bloggers like this: