Aws-cli: Provide Official AWS CLI Docker Image

Created on 26 Apr 2018  路  28Comments  路  Source: aws/aws-cli

I was surprised to find that there is no official Docker image for development with the AWS CLI. The "amazon" user on Docker Hub contains only the these images for working specifically with ECS and Elastic Beanstalk, and there do not appear to be any official Amazon Docker images on the new Docker Store yet.

When I searched "aws cli" on Docker Hub, the most popular image (with 1M+ downloads) was this one, created by Mesosphere. It's good enough, with a very simple Dockerfile based on the super-tiny Alpine Linux image. Upon further investigation, I found the aws-codebuild-docker-images repo in this organization, with an ubuntu-base Dockerfile. This image looks great, so why hasn't it been pushed to Docker Hub/Store? For that matter, why haven't any of the images in that repo been pushed? The Mesosphere aws-cli image will work fine, but its simplicity compared to that ubuntu-base made me concerned that it hasn't been properly optimized; similarly, the ubuntu-base image is based off Ubuntu 14.04.5, which is both old and bulky compared to Alpine Linux.

TL; DR
I believe there should be an official aws-cli Docker image maintained by Amazon and pushed to Docker Hub/Store. Ideally, it should support all the major modern Linux distros, including Alpine Linux. One should be able to run the following command, and have everything just work:

docker run -it amazon/aws-cli

EDIT

This Issue is now being tracked at #3553. You should like that one to show your support and leave comments in that thread. This Issue is closed.

duplicate guidance service-api

Most helpful comment

It is also valuable in CI/CD dockerised environments (like Jenkins pipeline). Instead of installing aws-cli on every build, it is easier to just use a Docker image that can be cached.

All 28 comments

Those images you link to are owned by the CodeBuild team for use in their service. If you want them to publish them to docker hub, I would recommend contacting them in their service forum / via support.

In general I'm not sure what value there is in having a docker image that is only the CLI. I can see the value for something that is difficult / complicated to install and get an mvp running, but the CLI is not that complicated: install python, install pip, install cli. Most distros even have a prebuilt package (though you run the risk of being out of date).

An AWS CLI Docker image is useful in Kubernetes deployment scenarios.

It is also valuable in CI/CD dockerised environments (like Jenkins pipeline). Instead of installing aws-cli on every build, it is easier to just use a Docker image that can be cached.

Yeah wow I kinda totally forgot that I opened this issue...

I realize that it might seem trivial to create a Docker image for every little CLI program out there, as apt geting from a Dockerfile should be enough for any sensible user to get up and running. The point is to remove additional steps. Yes I could create a Dockerfile FROM the base debian image, apt get Python, and then get all the other tools I need that depend on Python...or I could just start FROM the Python image and have one less thing to download, one less barrier to using Python, especially for the scenarios mentioned by @xplorld and @alexandrusavin. I didn't raise this issue so much because this is a terrible roadblock that I could not overcome without Amazon's help, but because it seemed like a trivial "why not" for Amazon to implement and add some value for their AWS-and-Docker-using customers.

This is also handy for those who just wants to validate cloudformation templates in a CI pipeline

It would also be useful for local development and keeping up with the latest versions of the CLI. We have had several devs get delayed for longer than necessary in getting the right version of python, the right version of pip, and then the right version of the CLI. Being able to run docker run --rm awscli:latest ... would be very handy.

All, this Issue is now being tracked at #3553. You should like that one to show your support and leave comments in that thread. This Issue is closed.

Docker will be useful.

Definately official Docker image will be usefull

install python, install pip, install cli.

Then run aws and get command not found. Very simple.

For now I'm using a Dockerfile like in this repo:

FROM python:alpine

ARG CLI_VERSION=1.16.86

RUN apk -uv add --no-cache groff jq less && \
    pip install --no-cache-dir awscli==$CLI_VERSION

WORKDIR /aws

CMD sh

It's a trivial stuff to do, but it would be definitely better to have an official image of the aws-cli.

In general I'm not sure what value there is in having a docker image that is only the CLI. I can see the value for something that is difficult / complicated to install and get an mvp running, but the CLI is not that complicated: install python, install pip, install cli.

I can not believe, this is a comment from AWS employee. It's actually sad.

I'm in a similar scenario where I want to run a K8S Cronjob that performs backups to S3, having an official awscli image _sure would be handy right about now_

We are using issue #3553 to track the feature request for this request.

Those images you link to are owned by the CodeBuild team for use in their service. If you want them to publish them to docker hub, I would recommend contacting them in their service forum / via support.

In general I'm not sure what value there is in having a docker image that is only the CLI. I can see the value for something that is difficult / complicated to install and get an mvp running, but the CLI is not that complicated: install python, install pip, install cli. Most distros even have a prebuilt package (though you run the risk of being out of date).

Personally I containerize as much as I can to help keep my workstation clean of multiple packages. Packages that some day may contradict others when updated.

Hello People of Github

It is important to also note that when you are using any CI/CD system that is billing you deployment task duration (e.g. $xx.xx per hours per month etc.), then you can't afford to spend time installing over and over again the tools you need after pulling an image that doesn't have all you need.

In my case, I am seeing a python image being pulled, then the zip package being installed, and now I need the awscli installed and that one takes quite a while to install. It's simply a wasted time that we could do without.

Having a docker image with all pre-installed tools will be priceless.

There is now a docker image builded automatically on each awscli release here

鈿狅笍 Disclaimer : I'm the author

Thanks b4nst. But I have picked one that is built and maintained by Atlassian for the Bitbucket Pipeline. It's on the DockerHub as atlassian/pipelines-awscli (https://hub.docker.com/r/atlassian/pipelines-awscli). And I am using this with their pipeline.

@b4nst please link docker hub repo with your github so we can see the source code

There was already a link to the docker hub page. The code is hosted here

The elephant in the room here is that when people are using CI/CD, and handling sensitive codes that are part of a corporate software, they tend to want to know who and what is handling their code. So even with the good intentions, people tend to get wary when it comes to something not back by a big company unless they see the source code. I personally think that there is nothing wrong with @b4nst's docker image. I checked the code and it's fine. It just happened that the one from Atlassian has a few more things in it that are needed during our deployment processes. For instance, it have git, less among other things. That way, the same image is able to let us clone stuff from any git repository.

Totally agree with that, the best solution is AWS shipping its own up to date docker image (if you trust them for the cli, you trust them for the image). But meanwhile, I think open source is the lesser evil. Even if it's backed by a big company, it could be corrupted (I would not trust Microsoft or Google for an awscli if I can't read the code...)

I made a bakery of images with continuous Deployment to Dockerhub abdennour/aws.

One of images is AWS image.

If you want to upgrade to latest versions, you just need to update .env and open PR.

Even the AWS images for amazonlinux which state in the documentation that amazonlinux has the cli installed by default... don't.

Amazon is a monopoly and they know it. They don't have to care?

+1

I ended up here while searching for one and found an official image afterwards, so I'll stick the it here for anyone who finds this thread in the future.

https://hub.docker.com/r/amazon/aws-cli

@Xaeonn Correct, that is the new official AWS CLI Docker image. An Amazon dev just announced this last night in #3553, where this issue is now being tracked, as I commented above.

install python, install pip, install cli.

Then run aws and get command not found. Very simple.

:smile: :laughing: :laughing: classic :100: , always makes my day

Was this page helpful?
0 / 5 - 0 ratings