I have a .NET Core 2.0 console application developed using Visual Studio 2017. The launchSettings.json file sets an environment variable that allows it to use the developer's default AWS credentials
"environmentVariables": {
"AWS_PROFILE": "default"
...
}
I have now added Docker support to the VS solution, and am trying to run the application in a Linux Docker container. Of course it fails with the following exception, as it is unable to find the profile:
Amazon.Runtime.AmazonClientException: Unable to find the 'default' profile in CredentialProfileStoreChain.
What is the best way to pass AWS credentials to the Docker container in a development environment? I obviously don't want to put my credentials as environment variables in launchSettings.json as this file is committed to source control.
EDIT
Just to be clear, I am looking for a solution that allows my Docker container to access the developer's credentials when debugging in Visual Studio 2017 on the developer's machine. Release builds will be deployed to AWS and an IAM role will preclude the need for credentials. The credentials are in the file %USERPROFILE%\.aws\credentials
and I'm looking for a solution that will enable me to use them from within the Docker container without exposing them elsewhere: hence I don't want to put them in launchSettings.json or any other file that launches the Docker container.
A solution I envisage could involve mounting the Windows drive in the Docker container (or at least the directory
%USERPROFILE%\.aws\
) then setting an environment variable (AWS_SHARED_CREDENTIALS_FILE
?) in the Docker container so that AWS automagically finds the credentials file.
I've no idea how to do this though, as I'm very new to Docker.
The solution I went for was to edit the
docker-compose.override.yml
file that was added by Visual Studio Tools for Docker, and add the following lines:This mounts the .aws directory containing AWS credentials in the appropriate place in the Docker container (
/root
is the default HOME directory), and sets environment variables to select the profile and region. ThelaunchSettings.json
file in the .NET Core project is not used when running in Docker.Thanks for Joe's answer, as
/root
was key for me. This is what mydocker-compose.yml
looks like for a Java/Maven/Mac OSX environment::RO
makes it read-only of course. It was unnecessary for me to explicitly define Region and Profile.