9

I save all secret data into AWS Parameter Store, my app run with docker-compose and I try to evaluate aws ssm get-parameters just inside docker-compose.yaml:

version: "3.7"

services:
  db:
    image: postgres
    restart: always
    volumes:
      - /home/ec2-user/dbdata:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: $$(aws ssm get-parameters --name DB_USERNAME --region eu-north-1 --output text --query Parameters[].Value)
      POSTGRES_PASSWORD: $$(aws ssm get-parameters --name DB_PASSWORD --region eu-north-1 --output text --with-decryption --query Parameters[].Value)
      POSTGRES_DB: $$(aws ssm get-parameters --name DB_NAME --region eu-north-1 --output text --query Parameters[].Value)
    ports:
      - 5432:5432

  auth:
    build: .
    restart: always
    environment:
      DB_ENDPOINT: $$(aws ssm get-parameters --name DB_ENDPOINT --region eu-north-1 --output text --query Parameters[].Value)
      DB_USERNAME: $$(aws ssm get-parameters --name DB_USERNAME --region eu-north-1 --output text --query Parameters[].Value)
      DB_PASSWORD: $$(aws ssm get-parameters --name DB_PASSWORD --region eu-north-1 --output text --with-decryption --query Parameters[].Value)
      JWT_KEY: $$(aws ssm get-parameters --name JWT_KEY --region eu-north-1 --output text --query Parameters[].Value)
      JWT_EXPIRED: $$(aws ssm get-parameters --name JWT_EXPIRED --region eu-north-1 --output text --query Parameters[].Value)
    depends_on:
      - db
    links:
      - db
    ports:
      - 80:80

But construction $$(<command>) doesn't work.

Instead of expected values from the parameter store, I'm getting

$(get-parameters --name DB_ENDPOINT --region eu-north-1 --output text --query Parameters[].Value)

I know how to do this with prepare a script like export MY_VAR="$(get-parameters ...)" that is understood.

But the question is can I fetch Parameter Store values just in docker-compose.yaml if yes, how?

Pavel
  • 2,005
  • 5
  • 36
  • 68

0 Answers0