How to use AWS CLI (and SSM) with Docker
Today I would like to tell you how I started using AWS CLI in a Docker container instead of installing it locally.
Why did I do that? I just got annoyed by the upgrade process of AWS CLI to a new version
Without wasting your time, I will jump right into it.
First step – uninstall AWS CLI from your local machine:
Second step – create an alias in your shell for the AWS command. I have zsh, so I will show you my example:
?> cat ~/.zshrc...
# you can do it as an alias
alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $PWD:/aws amazon/aws-cli'# or a function
aws () {
docker run --rm -it -v ~/.aws:/root/.aws -v $PWD:/aws amazon/aws-cli "$@"
}
...
NOTE: the -v $PWD:/aws volume is needed if you want to work with local files in AWS CLI. Credit for this addition goes to my colleague Giovanni.
For basic usage you’re done!
Third step (optional) – use SSM session manager to connect to instances.
This is where I had some fun creating a hacky solution.
First things first, I tried starting a SSM session with the ssm-session command (installed via https://pypi.org/project/aws-ssm-tools/), but it did’t work, because this tool defaults to /bin/sh and doesn’t expand aliases. So I made a PR to fix this. You can wait for the PR to be merged or install from my fork (but I don’t recommend it):
?> git clone git@github.com:robingoth/aws-ssm-tools.git
?> cd aws-ssm-tools
?> git checkout shell_support
?> pip3 install .You can survive without it by just running aws ssm start-session --target i-0000000000 --profile profile-1 , but there’s a catch! The docker image with AWS CLI does not include the session manager plugin :( There’s an issue created for this tho, so we still have hope:
To fix this, you need to create your own image:
?> cat Dockerfile
FROM amazon/aws-cliRUN curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/linux_64bit/session-manager-plugin.rpm" -o "session-manager-plugin.rpm" && \
yum install -y ./session-manager-plugin.rpm
?> docker build . -t awscli-local
After the image is built, you need to edit your .zshrc file.
?> cat ~/.zshrc...
# you can do it as an alias
alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $PWD:/aws awscli-local'# or a function
aws () {
docker run --rm -it -v ~/.aws:/root/.aws -v $PWD:/aws awscli-local "$@"
}
...
And now you can start your SSM sessions! Did you find it useful? Let us know :)
By the way, ABOUT YOU is hiring Docker-proficient engineers, so check out our openings on aboutyou.tech/jobs
