AWS Cloudwatch Logs with Docker Container - NoCredentialProviders: No valid providers in chain
My dock file:
version: '2'
services:
scraper:
build: ./Scraper/
logging:
driver: "awslogs"
options:
awslogs-region: "eu-west-1"
awslogs-group: "doctors-logs"
awslogs-stream: "scrapers-stream"
volumes:
- ./Scraper/spiders:/spiders
I added my AWS credentials to my Mac using aws configure command and the credentials were saved correctly in ~ / .aws / credentials
When I run docker compose I get the following error:
ERROR: For scraper Failed to start service scraper: Failed to initialize logging driver: NoCredentialProviders: There are no valid providers in the chain.
Obsolete. For detailed messages see Aws.Config.CredentialsChainVerboseErrors
ERROR: Errors when starting the project.
I believe this is because I need to set AWS credentials in the Docker Daemon, but I cannot figure out how this is done on macOs Sierra.
source to share
I understood. When deploying your own EC2 instance (without using automated solutions like Beanstalk), you need to assign a role to your EC2 instance so that it can communicate with other AWS services.
The policy is that the Docker docs provide at https://docs.docker.com/engine/admin/logging/awslogs/
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
then you need to attach this policy to the role
the role is the first, called "Amazon EC2", which reads "Allows EC2 instances to call AWS services on your behalf."
Since you're only limiting your access to CloudWatch, you're good to go. Then, in your EC2 list, attach the role to your instance using "Attach / Replace IAM Role":
You must be kind!
source to share