Docker image for the AWS CLI with a wrapper that automatically assumes an IAM role (upstream AWS CLI releases are tracked automatically)
Provides a wrapper with-assume-role
to run commands under an assumed role (defined by the value of the environment variable ASSUME_ROLE_ARN
).
Latest releases of awscli
are automatically tracked, updated in ./requirements.txt, and built as tagged Docker images (e.g. sgreben/awscli-with-assume-role:1.16.196
) using Renovate, Gitlab CI, and Quay.io/DockerHub.
docker pull sgreben/awscli-with-assume-role
export ASSUME_ROLE_ARN=arn:aws:iam::123456789012:role/demo
docker run --rm -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e ASSUME_ROLE_ARN \
sgreben/awscli-with-assume-role \
with-assume-role aws sts get-caller-identity # prints arn:aws:iam::123456789012:role/demo if the AssumeRole call was successful