This seems to be an issue many people have faced but the solutions I tried haven't solved it:
I have a python app that I dockerized and that I want to push to an EC2 container, however, once dockerized, the app has issues (locally) to access my AWS credentials:
santeau_session = boto3.Session(profile_name='Santeau')
db = santeau_session.resource('dynamodb', region_name='us-west-2')
MainPage = db.Table('mp')
When trying to pass them that way:docker run -v $HOME/.aws/credentials:/home/app/.aws/credentials:ro ks/mz
I get:
Traceback (most recent call last): File "./main.py", line 17, in <module>
santeau_session = boto3.Session(profile_name='Santeau')
File "/usr/local/lib/python3.8/site-packages/boto3/session.py", line 80, in __init__
self._setup_loader()
File "/usr/local/lib/python3.8/site-packages/boto3/session.py", line 120, in _setup_loader
self._loader = self._session.get_component('data_loader')
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 698, in get_component
return self._components.get_component(name)
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 937, in get_component
self._components[name] = factory()
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 158, in <lambda>
lambda: create_loader(self.get_config_variable('data_path')))
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 251, in get_config_variable
return self.get_component('config_store').get_config_variable(
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 313, in get_config_variable
return provider.provide()
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 410, in provide
value = provider.provide()
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 471, in provide
scoped_config = self._session.get_scoped_config()
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 351, in get_scoped_config
raise ProfileNotFound(profile=profile_name)
botocore.exceptions.ProfileNotFound: The config profile (Santeau) could not be found
My credentials file looks (kind of) like this, and the app correctly connects when not run with docker:
aws_access_key_id = ------------------
aws_secret_access_key = ------------------
[Santeau]
aws_access_key_id = ------------------
aws_secret_access_key = ------------------
Why does it work undockerized but not dockerized, and how can I solve this ?
My guess is that your docker container isn't running as the user and with the home you're expecting. I noticed that you hard coded /home/app/.aws/credentials
You should login to your container and discover what user it's running as and where your home is. You could run aws configure
and then find where the credentials files were stored.
Many run as root so your command would look something like this docker run -v ~/.aws/:/root/.aws:ro your_image
Edit: Alternatively, you can pass the AWS_SHARED_CREDENTIALS_FILE environment variable of your file location directly. Here's more information: https://boto3.amazonaws.com/v1/documentation/api/1.9.42/guide/configuration.html