I’d like to be able to mount a local directory (${HOME}/.aws) into the container and have it accessible by the user I’ve created with in it.

However, my host user have UID=501 and the files are mode=0600. The container user have UID=10000 (just a big, round number :).

However, this means that the container user can’t read it the files…

Is there a way to map UID=501 -> UID=10000 ? I’ve tried the userns-remapping at

but that don’t seem to work…

$ cat /etc/subuid /etc/subgid /etc/docker/daemon.json
hostuser:1:65536
hostuser:1:65536
{
  "userns-remap": "hostuser"
}

The image is created something like this:

FROM debian:buster
RUN adduser --uid 10000 containeruser --shell /bin/sh
USER containeruser
WORKDIR /tmp

And then run the container as

sudo docker run --rm -it \
    --volume "${HOME}/.aws:/home/containeruser/.aws:ro" \
    myimage /bin/bash

which results in:

containeruser@9d41d6b3cd67:/tmp$ cat /home/containeruser/.aws/credentials
cat: /home/containeruser/.aws/credentials: Permission denied