This topic describes how to run, version control, and configure the AWS CLI version 2 on Docker using either the official Amazon Elastic Container Registry Public (Amazon ECR Public) or Docker Hub image. For more information on how to use Docker, see Docker's documentation.
Official images provide isolation, portability, and security that AWS directly supports and maintains. This enables you to use the AWS CLI version 2 in a container-based environment without having to manage the installation yourself.
PrerequisitesYou must have Docker installed. For installation instructions, see the Docker website.
To verify your installation of Docker, run the following command and confirm there is an output.
$ docker --version
Docker version 19.03.1We recommend using Amazon ECR Public over Docker Hub for AWS CLI images. Docker Hub has stricter rate limiting for public consumers which can cause throttling issues. In addition, Amazon ECR Public replicates images in more than one region to provide strong availability and handle region outage issues.
For more information on Docker Hub rate limiting see Understanding Docker Hub Rate Limiting on the Docker website.
Run the official AWS CLI version 2 imagesThe first time you use the docker run command, the latest image is downloaded to your computer. Each subsequent use of the docker run command runs from your local copy.
To run the AWS CLI version 2 Docker images, use the docker run command.
The official AWS CLI version 2 Amazon ECR Public image is hosted on Amazon ECR Public in the aws-cli/aws-cli repository.
$ docker run --rm -it public.ecr.aws/aws-cli/aws-cli commandThe official AWS CLI version 2 Docker image is hosted on Docker Hub in the amazon/aws-cli repository.
$ docker run --rm -it amazon/aws-cli commandThis is how the command functions:
docker run --rm -it â The equivalent of the repository/nameaws executable. Each time you run this command, Docker spins up a container of your downloaded image, and executes your aws command. By default, the image uses the latest version of the AWS CLI version 2.
For example, to call the aws --version command in Docker, you run the following.
$ docker run --rm -it public.ecr.aws/aws-cli/aws-cli --version
aws-cli/2.27.41 Python/3.7.3 Linux/4.9.184-linuxkit botocore/2.4.5dev10$ docker run --rm -it amazon/aws-cli --version
aws-cli/2.27.41 Python/3.7.3 Linux/4.9.184-linuxkit botocore/2.4.5dev10--rm â Specifies to clean up the container after the command exits.
-it â Specifies to open a pseudo-TTY with stdin. This enables you to provide input to the AWS CLI version 2 while it's running in a container, for example, by using the aws configure and aws help commands. When choosing whether to omit -it, consider the following:
If you are running scripts, -it is not needed.
If you are experiencing errors with your scripts, omitting -it from your Docker call might fix the issue.
If you are trying to pipe output, -it might cause errors and omitting -it from your Docker call might resolve this issue. If you'd like to keep the -it flag, but still would like to pipe output, disabling the client-side pager the AWS CLI uses by default should resolve the issue.
For more information about the docker run command, see the Docker reference guide.
The only tool supported on the image is the AWS CLI. Only the aws executable should ever be directly run. For example, even though less and groff are explicitly installed on the image, they should not be executed directly outside of an AWS CLI command.
The /aws working directory is user controlled. The image will not write to this directory, unless instructed by the user in running an AWS CLI command.
There are no backwards compatibility guarantees in relying on the latest tag. To guarantee backwards compatibility, you must pin to a specific <major.minor.patch> tag as those tags are immutable; they will only ever be pushed to once.
The official AWS CLI version 2 image has multiple versions you can use, starting with version 2.0.6. To run a specific version of the AWS CLI version 2, append the appropriate tag to your docker run command. The first time you use the docker run command with a tag, the latest image for that tag is downloaded to your computer. Each subsequent use of the docker run command with that tag runs from your local copy.
You can use two types of tags:
latest â Defines the latest version of the AWS CLI version 2 for the image. We recommend you use the latest tag when you want the latest version of the AWS CLI version 2. However, there are no backward-compatibility guarantees when relying on this tag. The latest tag is used by default in the docker run command. To explicitly use the latest tag, append the tag to the container image name.
$ docker run --rm -it public.ecr.aws/aws-cli/aws-cli:latest command$ docker run --rm -it amazon/aws-cli:latest command<major.minor.patch> â Defines a specific version of the AWS CLI version 2 for the image. If you plan to use an official image in production, we recommend you use a specific version of the AWS CLI version 2 to ensure backward compatibility. For example, to run version 2.0.6, append the version to the container image name.
$ docker run --rm -it public.ecr.aws/aws-cli/aws-cli:2.0.6 command$ docker run --rm -it amazon/aws-cli:2.0.6 commandBecause the latest image is downloaded to your computer only the first time you use the docker run command, you need to manually pull an updated image. To manually update to the latest version, we recommend you pull the latest tagged image. Pulling the image downloads the latest version to your computer.
$ docker pull public.ecr.aws/aws-cli/aws-cli:latest$ docker pull amazon/aws-cli:latestBecause the AWS CLI version 2 is run in a container, by default the CLI can't access the host file system, which includes configuration and credentials. To share the host file system, credentials, and configuration to the container, mount the host systemâs ~/.aws directory to the container at /root/.aws with the -v flag to the docker run command. This allows the AWS CLI version 2 running in the container to locate host file information.
Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli commandWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli commandWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli commandLinux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws amazon/aws-cli commandWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws amazon/aws-cli commandWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws amazon/aws-cli commandFor more information about the -v flag and mounting, see the Docker reference guide.
In this example, we're providing host credentials and configuration when running the s3 ls command to list your buckets in Amazon Simple Storage Service (Amazon S3). The below examples use the default location for AWS CLI credentials and configuration files, to use a different location, change the file path.
Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws public.ecr.aws/aws-cli/aws-cli s3 lsLinux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws amazon/aws-cli s3 lsYou can call specific system's environment variables using the -e flag. To use an environment variable, call it by name.
Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -e ENVVAR_NAME public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -e ENVVAR_NAME public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -e ENVVAR_NAME public.ecr.aws/aws-cli/aws-cli s3 lsLinux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -e ENVVAR_NAME amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -e ENVVAR_NAME amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -e ENVVAR_NAME amazon/aws-cli s3 lsFor some AWS CLI version 2 commands, you can read files from the host system in the container or write files from the container to the host system.
In this example, we download the S3 object s3://aws-cli-docker-demo/hello to your local file system by mounting the current working directory to the container's /aws directory. By downloading the hello object to the container's /aws directory, the file is saved to the host systemâs current working directory also.
Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws public.ecr.aws/aws-cli/aws-cli s3 cp s3://aws-cli-docker-demo/hello .
download: s3://aws-cli-docker-demo/hello to ./helloWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws public.ecr.aws/aws-cli/aws-cli s3 cp s3://aws-cli-docker-demo/hello .
download: s3://aws-cli-docker-demo/hello to ./helloWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws public.ecr.aws/aws-cli/aws-cli s3 cp s3://aws-cli-docker-demo/hello .Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws amazon/aws-cli s3 cp s3://aws-cli-docker-demo/hello .
download: s3://aws-cli-docker-demo/hello to ./helloWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws amazon/aws-cli s3 cp s3://aws-cli-docker-demo/hello .
download: s3://aws-cli-docker-demo/hello to ./helloWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws amazon/aws-cli s3 cp s3://aws-cli-docker-demo/hello .To confirm the downloaded file exists in the local file system, run the following.
Linux and macOS
$ cat hello
Hello from Docker!Windows PowerShell
$ type hello
Hello from Docker!You can call specific system's environment variables using the -e flag. Call each environment variable you'd like to use. In this example, we're providing host credentials, configuration, and the AWS_PROFILE environment variable when running the s3 ls command to list your buckets in Amazon Simple Storage Service (Amazon S3).
Linux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -e AWS_PROFILE public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -e AWS_PROFILE public.ecr.aws/aws-cli/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -e AWS_PROFILE public.ecr.aws/aws-cli/aws-cli s3 lsLinux and macOS
$ docker run --rm -it -v ~/.aws:/root/.aws -e AWS_PROFILE amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows Command Prompt
$ docker run --rm -it -v %userprofile%\.aws:/root/.aws -e AWS_PROFILE amazon/aws-cli s3 ls
2020-03-25 00:30:48 aws-cli-docker-demoWindows PowerShell
C:\> docker run --rm -it -v $env:userprofile\.aws:/root/.aws -e AWS_PROFILE amazon/aws-cli s3 lsTo shorten the docker run command, we suggest you use your operating system's ability to create a symbolic link (symlink) or alias in Linux and macOS, or doskey in Windows. To set the aws alias, you can run one of the following commands.
For basic access to aws commands, run the following.
Linux and macOS
$ alias aws='docker run --rm -it public.ecr.aws/aws-cli/aws-cli'Windows Command Prompt
C:\> doskey aws=docker run --rm -it public.ecr.aws/aws-cli/aws-cli $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it public.ecr.aws/aws-cli/aws-cli $args}
Set-Alias -Name aws -Value AWSCLILinux and macOS
$ alias aws='docker run --rm -it amazon/aws-cli'Windows Command Prompt
C:\> doskey aws=docker run --rm -it amazon/aws-cli $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it amazon/aws-cli $args}
Set-Alias -Name aws -Value AWSCLIFor access to the host file system and configuration settings when using aws commands, run the following.
Linux and macOS
$ alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws public.ecr.aws/aws-cli/aws-cli'Windows Command Prompt
C:\> doskey aws=docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws public.ecr.aws/aws-cli/aws-cli $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws public.ecr.aws/aws-cli/aws-cli $args}
Set-Alias -Name aws -Value AWSCLILinux and macOS
$ alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws amazon/aws-cli'Windows Command Prompt
C:\> doskey aws=docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws amazon/aws-cli $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws amazon/aws-cli $args}
Set-Alias -Name aws -Value AWSCLITo assign a specific version to use in your aws alias, append your version tag.
Linux and macOS
$ alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws public.ecr.aws/aws-cli/aws-cli:2.0.6'Windows Command Prompt
C:\> doskey aws=docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws public.ecr.aws/aws-cli/aws-cli:2.0.6 $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws public.ecr.aws/aws-cli/aws-cli:2.0.6 $args}
Set-Alias -Name aws -Value AWSCLILinux and macOS
$ alias aws='docker run --rm -it -v ~/.aws:/root/.aws -v $(pwd):/aws amazon/aws-cli:2.0.6'Windows Command Prompt
C:\> doskey aws=docker run --rm -it -v %userprofile%\.aws:/root/.aws -v %cd%:/aws amazon/aws-cli:2.0.6 $*Windows PowerShell
C:\> Function AWSCLI {docker run --rm -it -v $env:userprofile\.aws:/root/.aws -v $pwd\aws:/aws amazon/aws-cli:2.0.6 $args}
Set-Alias -Name aws -Value AWSCLIAfter setting your alias, you can run the AWS CLI version 2 from within a container as if it's installed on your host system.
$ aws --version
aws-cli/2.27.41 Python/3.7.3 Linux/4.9.184-linuxkit botocore/2.4.5dev10RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4