AWS ECS environment variable not available [Python]


I am using AWS ECS with a Python Framework and in my task definition i have the option to add environment variables that will be available to the service(cluster).

Here is where i added the env variables:
enter image description here

When i then try to print all the env variables in my service i do not get access to these variables and i am not sure why. Here i printed all my env using environ:

for a in os.environ:
    print('Var: ', a, 'Value: ', os.getenv(a))
print("all done")

enter image description here

DB_PORT or APP_KEY is not available in my service or python-code.

This is the JSON of my task definition:

        "taskDefinitionArn": "arn:aws:ecs:eu-north-1:******:task-definition/******:3",
        "containerDefinitions": [
                "name": "***",
                "image": "***********",
                "cpu": 0,
                "portMappings": [],
                "essential": true,
                "environment": [
                        "name": "DB_PORT",
                        "value": "5439"
                        "name": "APP_KEY",
                        "value": "qjPYRIBZ0iijcqHHt******"

PS: The python is only running a CRON job (crontab) and not used for open webservice.


*/2 * * * * /home/local/ > /proc/$(cat /var/run/ 2>&1
# Don't remove the empty line at the end of this file. It is required to run the cron job

#!/bin/sh -l

cd /usr/src/app && python craft schedule:run > /proc/$(cat /var/run/ 2>&1

python craft schedule:run runs a python script that just prints the env in first place (just to get this working)

Asked By: Ali Durrani



I had a similar problem and it seems to me that the full environment is passed only to the PID 1 (init process, which in a container should be CMD/ENTRYPOINT command). Cron is not that process so you cannot assume it sees the same environment.

What I did may not be the best solution, it is rather a hack, but it works.

The environment of a process is available in /proc/<pid>/environ, so in this case /proc/1/environ. I grab it from there and I store it in a file for a future use:

for I in `cat /proc/1/environ  | strings`; do echo "export $I"; done > /src/.profile

and then I just source /src/.profile in my scripts (the cron job in your case).

If you need AWS credentials, you may also need access to ECS_CONTAINER_METADATA_URI_V4 environment variable and that one will be also there.

Answered By: petrch