mirror/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-06-19 07:35:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #25348 from Rebaka8/docs/awslogs-credential-refresh-note

Browse Source 
Add note about temporary credential refresh behavior for awslogs
This commit is contained in:
Rebaka8
2026-06-17 18:56:47 +05:30
committed by GitHub
parent d22eea2e85
commit a9278c30e6
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/manuals/engine/logging/drivers/awslogs.md
+8
View File
@@ -338,6 +338,14 @@ default AWS shared credentials file (`~/.aws/credentials` of the root user), or
if you are running the Docker daemon on an Amazon EC2 instance, the Amazon EC2
instance profile.
> [!NOTE]
> Docker reads AWS credentials when the container starts.
> If you use a shared AWS credentials file with temporary credentials,
> updating the file later does not automatically update the credentials
> used by the running container. When the temporary credentials expire,
> log delivery to Amazon CloudWatch Logs can fail. Restart the container
> after refreshing the credentials so Docker can load the updated values.
Credentials must have a policy applied that allows the `logs:CreateLogStream`
and `logs:PutLogEvents` actions, as shown in the following example.