I want to spin up a docker swarm cluster on AWS. We plan to use IAM roles to define the access level of each service inside the docker swarm cluster. Is there a way to achieve this? I did go through below article but it was 4 years ago and I believe there would have been progress in this are since Kubernetes have a provision of specifying role for every namespace. Do we have something like this for docker swarm ?
https://eng.lyft.com/scoping-aws-iam-roles-to-docker-containers-c9c5f8f2f75
There is no native way to have Docker Swarm services have an assigned role at this time, AWS does not have access to services on EC2 hosts.
A number of third party solutions exist which will essentially assume a role that exists in AWS and then pass these temporary credentials as environment variables into each Docker container. To do this the EC2 host would need an IAM role that has permissions to assume the role(s) that are required.
Whilst AWS does not support IAM roles on docker swarm they do have 2 container orchestration based products:
Both of these products allow a Task IAM role that can provided to the containers that are running in the solution.
