Question 333503 in Visual Studio Code Question posted in
View the official documentation.

Visual Studio Code – Using locally stored configuration files in dev container features

I am looking into dev containers in visual studio code and possible features like CLI’s, like the AWS CLI: https://github.com/devcontainers/features/tree/main/src/aws-cli.

Is it possible to install this in a manner that it will look for the configuration file that holds the credentials to login to the AWS account on the local file system (not the file system of the container)?

Asking this question due to the fact that I use SSO to login to my AWS account, and the configuration for this is stored on my local file system, and is not something that should be checked in into a remote repository.

Tags:

2

Answers


  1. 0

    Yes, it is possible to configure AWS CLI in a dev container in Visual Studio Code to use credentials stored on your local file system. You can achieve this by mounting the local AWS configuration files into the container. Here are the steps:

    1. Mount the AWS configuration files:
      In your dev container configuration or Dockerfile, ensure that you mount the directory containing your AWS configuration files into the container. For example:

      ```Dockerfile
FROM mcr.microsoft.com/vscode/devcontainers/python:3.9

# Mount the AWS configuration directory
COPY .aws /root/.aws
```

      Ensure that your .aws directory on the local machine contains the necessary configuration files, including config and credentials with your SSO settings.

    2. Configure AWS CLI to use the local files:
      Inside your dev container, make sure that the AWS CLI is configured to use the mounted files. You can set the AWS_SHARED_CREDENTIALS_FILE and AWS_CONFIG_FILE environment variables:

      ```Dockerfile
ENV AWS_SHARED_CREDENTIALS_FILE=/root/.aws/credentials
ENV AWS_CONFIG_FILE=/root/.aws/config
```

      This ensures that AWS CLI looks for credentials and configuration in the specified paths.

    3. Ensure proper permissions:
      Make sure that the mounted files have the necessary permissions for the container to read them.

    With these configurations, the AWS CLI inside your dev container will use the AWS configuration files from your local machine, allowing you to leverage SSO without storing sensitive information in your remote repository.

    Login or Signup to reply.
  2. 0

    Certainly! You can achieve the same configuration using devcontainer.json instead of a Dockerfile. Here’s an example devcontainer.json file:

    // .devcontainer/devcontainer.json

{
  "name": "Python with AWS CLI",
  "dockerFile": "Dockerfile",
  "extensions": ["ms-python.python"],
  "settings": {
    "python.pythonPath": "/usr/local/bin/python",
    "terminal.integrated.shell.linux": "/bin/bash"
  },
  "mounts": ["source=${localWorkspaceFolder}/.aws,target=/root/.aws,type=bind,consistency=cached"],
  "remoteUser": "vscode",
  "runArgs": ["-u", "vscode"],
  "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind,consistency=cached",
  "workspaceFolder": "/workspace",
  "postCreateCommand": "pip install -r requirements.txt"
}

    In this example, we’re using the mounts property to mount the local .aws directory into the container at /root/.aws. This is equivalent to copying the .aws directory in the Dockerfile.

    Also, note that the dockerFile property refers to the Dockerfile used by the dev container. Make sure you have a Dockerfile in the specified location with the necessary configurations.

    Remember to adjust the paths and configurations based on your specific project structure and requirements.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search