How to Fix Docker Permission Denied on AWS EC2


The Root Cause

This “Permission Denied” error on AWS EC2 typically occurs because the default provisioned user (e.g., ec2-user, ubuntu, centos) is not a member of the docker group. Without membership in this group, the user cannot access the Docker daemon’s Unix socket (/var/run/docker.sock), so every docker command either has to be run with sudo or fails with the error.

Quick Fix (CLI)

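Execute these commands to add your current user to the docker group and apply the change immediately. Membership in the docker group grants root-equivalent control of the host through the daemon, so add only accounts you would also trust with sudo: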

# Add the current user to the 'docker' group
sudo usermod -aG docker $USER

# Start a new shell in which the docker group membership is active
# (Alternatively, log out and log back in; newgrp is quicker but only affects the shell it starts)
newgrp docker

Configuration Check

While the usermod command is the recommended way to manage group memberships, the underlying configuration file affected by this change is /etc/group.

  • File to edit (or verify changes in): /etc/group

  • Line to check (usermod makes the change for you): Locate the line beginning with docker:. You should see your username appended to the list of members for the docker group.

    Before (Example):

    docker:x:999:

    After (Example, if your user is ec2-user):

    docker:x:999:ec2-user

Verification

Run a simple Docker command without sudo to confirm the permission fix is effective:

docker ps

A successful output showing running containers or an empty list (if no containers are running) without a “permission denied” error confirms the fix. You can also verify your group memberships:

groups $USER

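This command should list docker among your user’s groups. Because it is given a username, it reads the group database (/etc/group) rather than the running session, so it can show docker even in a shell that has not yet picked up the change; run groups with no argument to see what the current shell actually has.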
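
The checks above can be combined to tell apart the two usual causes of the error: the user is missing from the docker: line in /etc/group, or the line is correct but the current shell started before the change. The script below is an added example, not part of the original page; the function names are hypothetical and the sample group file is constructed.

```shell
#!/bin/sh
# Added example: tell apart the two causes of "permission denied" on
# /var/run/docker.sock. Function names are hypothetical; sample data is constructed.

# Succeed if USER is a listed member of GROUP in a group(5)-format file.
# Only the member list (4th field) is checked, which is what usermod -aG edits.
in_group_file() {  # usage: in_group_file USER GROUP FILE
    awk -F: -v u="$1" -v g="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit !found }' "$3"
}

# Succeed if GROUP is in a space-separated list of names (the `id -nG` format).
in_session_groups() {  # usage: in_session_groups GROUP "LIST"
    case " $2 " in *" $1 "*) return 0 ;; *) return 1 ;; esac
}

# Print one of: ok | relogin | not-member
diagnose() {  # usage: diagnose USER FILE "SESSION_GROUPS"
    if ! in_group_file "$1" docker "$2"; then
        echo not-member   # user is not on the docker: line; usermod -aG is still needed
    elif ! in_session_groups docker "$3"; then
        echo relogin      # file is updated, but this shell started before the change
    else
        echo ok           # configured and active in this session
    fi
}

# Constructed sample in /etc/group format, modelled on the "After" example above.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
printf '%s\n' 'root:x:0:' 'docker:x:999:ec2-user,deploy' 'dockerx:x:1001:ubuntu' > "$sample"

diagnose ec2-user "$sample" "ec2-user adm wheel"          # relogin
diagnose ec2-user "$sample" "ec2-user adm wheel docker"   # ok
diagnose ubuntu   "$sample" "ubuntu dockerx"              # not-member

# On a real host: diagnose "$(id -un)" /etc/group "$(id -nG)"
```

A result of relogin means the fix is already in /etc/group and only a new login session (or newgrp docker) is missing.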