https://github.com/leplusorg/docker-aws-cli

Multi-platform Docker container to run the AWS CLI and related tools (cfn-policy-validator, jq, Git, ZIP, python, perl...).
https://github.com/leplusorg/docker-aws-cli

aws aws-cli cli docker docker-container docker-image dockerfile

Last synced: 27 days ago
JSON representation

Multi-platform Docker container to run the AWS CLI and related tools (cfn-policy-validator, jq, Git, ZIP, python, perl...).

• Host: GitHub
• URL: https://github.com/leplusorg/docker-aws-cli
• Owner: leplusorg
• License: apache-2.0
• Created: 2020-12-29T20:57:33.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2026-02-27T14:13:39.000Z (27 days ago)
• Last Synced: 2026-02-27T19:23:08.506Z (27 days ago)
• Topics: aws, aws-cli, cli, docker, docker-container, docker-image, dockerfile
• Language: Dockerfile
• Homepage: https://hub.docker.com/r/leplusorg/aws-cli
• Size: 1.31 MB
• Stars: 6
• Watchers: 1
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
# AWS CLI

Multi-platform Docker container to run the AWS CLI and related tools (`cfn-policy-validator`, `jq`, `git`, `zip`, `python`, `perl`...).

[![Dockerfile](https://img.shields.io/badge/GitHub-Dockerfile-blue)](aws-cli/Dockerfile)

[![Docker Build](https://github.com/leplusorg/docker-aws-cli/workflows/Docker/badge.svg)](https://github.com/leplusorg/docker-aws-cli/actions?query=workflow:"Docker")

[![Docker Stars](https://img.shields.io/docker/stars/leplusorg/aws-cli)](https://hub.docker.com/r/leplusorg/aws-cli)

[![Docker Pulls](https://img.shields.io/docker/pulls/leplusorg/aws-cli)](https://hub.docker.com/r/leplusorg/aws-cli)

[![Docker Version](https://img.shields.io/docker/v/leplusorg/aws-cli?sort=semver)](https://hub.docker.com/r/leplusorg/aws-cli)

[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/10078/badge)](https://bestpractices.coreinfrastructure.org/projects/10078)

[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/leplusorg/docker-aws-cli/badge)](https://securityscorecards.dev/viewer/?uri=github.com/leplusorg/docker-aws-cli)

## Rational

This image is based on the latest official

[public.ecr.aws/amazonlinux/amazonlinux](https://gallery.ecr.aws/amazonlinux/amazonlinux)

image. This image's default entrypoint is a shell (`bash`)

in which you can run not only `aws` but also other commands typically

useful when building a more advanced CI/CD pipeline. For example this

image includes the `jq` utility often very useful to process the

output of the `aws` command. The tool `cfn-policy-validator` is also

included to run IAM policies from a CloudFormation template through

IAM Access Analyzer checks.

Another significant difference with the official AWS images is that this

image is not running using the `root` user. Running as `root` should

not be necessary for CI/CD activities and it is considered a security

risk.

## Usage

To run the AWS CLI using this image:

```bash

docker run --rm -i leplusorg/aws-cli aws --version

```

## Software Bill of Materials (SBOM)

To get the SBOM for the latest image (in SPDX JSON format), use the

following command:

```bash

docker buildx imagetools inspect leplusorg/aws-cli --format '{{ json (index .SBOM "linux/amd64").SPDX }}'

```

Replace `linux/amd64` by the desired platform (`linux/amd64`, `linux/arm64` etc.).

## Provenance

To get the provenance for the latest image (in JSON format), use the

following command:

```bash

docker buildx imagetools inspect leplusorg/aws-cli --format '{{ json .Provenance }}'

```

## Sigstore

[Sigstore](https://docs.sigstore.dev) is trying to improve supply

chain security by allowing you to verify the origin of an

artifact. You can verify that the image that you use was actually

produced by this repository. This means that if you verify the

signature of the Docker image, you can trust the integrity of the

whole supply chain from code source, to CI/CD build, to distribution

on Maven Central or wherever you got the image from.

You can use the following command to verify the latest image using its

sigstore signature attestation:

```bash

cosign verify leplusorg/aws-cli --certificate-identity-regexp 'https://github\.com/leplusorg/docker-aws-cli/\.github/workflows/.+' --certificate-oidc-issuer 'https://token.actions.githubusercontent.com'

```

The output should look something like this:

```text

Verification for index.docker.io/leplusorg/xml:main --

The following checks were performed on each of these signatures:

  - The cosign claims were validated

  - Existence of the claims in the transparency log was verified offline

  - The code-signing certificate was verified using trusted certificate authority certificates

[{"critical":...

```

For instructions on how to install `cosign`, please read this [documentation](https://docs.sigstore.dev/cosign/system_config/installation/).

## Contributing

Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests.

## Security

Please read [SECURITY.md](SECURITY.md) for details on our security policy and how to report security vulnerabilities.

## Code of Conduct

Please read [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) for details on our code of conduct.

## License

This project is licensed under the terms of the [LICENSE](LICENSE) file.