Skip to content

Commit a4d39a4

Browse files
hadiqurhadiqur
committed
chore: update README
1 parent fb641eb commit a4d39a4

1 file changed

Lines changed: 13 additions & 7 deletions

File tree

README.md

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,7 @@ To run the Lambda function outside of a container, we need to execute the `handl
103103
export AWS_PROFILE=github-copilot-usage-lambda
104104
```
105105

106-
This allows you to assume the AWS IAM role for service, enabling the most secure development experience. This also means you will have limited permissions until you exit out of the profile.
106+
This allows you to assume the AWS IAM role for the service, enabling the most secure development experience. This also means you will have limited permissions until you exit out of the profile.
107107

108108
**Note:** See the Developer Onboarding Guide on the "Using AWS SSO for Local Development" page on Confluence to set up service profile selection on your local machine.
109109

@@ -149,14 +149,20 @@ To run the Lambda function outside of a container, we need to execute the `handl
149149
| --------------------------- | ------ | ------------ | -------------- | ----- |
150150
| copilot-usage-lambda-script | latest | 0bbe73d9256f | 11 seconds ago | 224MB |
151151

152-
3. Run the image locally mapping local host port (9000) to container port (8080) and passing in AWS credentials to download a .pem file from the AWS Secrets Manager to the running container. These credentials will also be used to upload and download `historic_usage_data.json` to and from S3.
152+
3. Sign in with AWS SSO:
153153

154-
The credentials used in the below command are for a user in AWS that has permissions to retrieve secrets from AWS Secrets Manager and upload and download files from AWS S3.
154+
```bash
155+
aws sso login
156+
```
157+
158+
**Note:** See the Developer Onboarding Guide on the "Using AWS SSO for Local Development" page on Confluence to set up service profile selection on your local machine. This is essential as the `~/.aws` directory is mounted to the container, so it can use the SSO session for AWS authentication.
159+
160+
4. Run the image locally mapping local host port (9000) to container port (8080).
155161

156162
```bash
157163
docker run --platform linux/amd64 -p 9000:8080 \
158-
-e AWS_ACCESS_KEY_ID=<aws_access_key_id> \
159-
-e AWS_SECRET_ACCESS_KEY=<aws_secret_access_key> \
164+
-v ~/.aws:/root/.aws \
165+
-e AWS_PROFILE=github-copilot-usage-lambda \
160166
-e AWS_DEFAULT_REGION=eu-west-2 \
161167
-e AWS_SECRET_NAME=<aws_secret_name> \
162168
-e GITHUB_ORG=ONSDigital \
@@ -167,15 +173,15 @@ To run the Lambda function outside of a container, we need to execute the `handl
167173

168174
Once the container is running, a local endpoint is created at `localhost:9000/2015-03-31/functions/function/invocations`.
169175

170-
4. Post to the endpoint to trigger the function
176+
5. Post to the endpoint to trigger the function
171177

172178
```bash
173179
curl "http://localhost:9000/2015-03-31/functions/function/invocations" -d '{}'
174180
```
175181

176182
This should return a message if successful.
177183

178-
5. Once testing is finished, stop the running container
184+
6. Once testing is finished, stop the running container
179185

180186
To check the container is running
181187

0 commit comments

Comments
 (0)