diff --git a/bin/run_integration_tests.sh b/bin/run_integration_tests.sh
index b25763b95..bfb5556c5 100755
--- a/bin/run_integration_tests.sh
+++ b/bin/run_integration_tests.sh
@@ -29,26 +29,19 @@ docker cp autograph-app-hsm:/tmp/normandy_dev_root_hash.txt .
 APP_HSM_NORMANDY_ROOT_HASH=$(grep '[0-9A-F]' normandy_dev_root_hash.txt | tr -d '\r\n')
 
 # start the monitor lambda emulators
-docker compose up -d monitor-lambda-emulator
-AUTOGRAPH_ROOT_HASH=$APP_HSM_NORMANDY_ROOT_HASH docker compose up -d monitor-hsm-lambda-emulator
-
-echo "waiting for monitor-lambda-emulator to start"
-while test "true" != "$(docker inspect -f {{.State.Running}} autograph-monitor-lambda-emulator)"; do
-  echo -n "."
-  sleep 1 # wait before checking again
-done
-echo "waiting for monitor-hsm-lambda-emulator to start"
-while test "true" != "$(docker inspect -f {{.State.Running}} autograph-monitor-hsm-lambda-emulator)"; do
-  echo -n "."
-  sleep 1 # wait before checking again
-done
+echo "checking autograph monitors"
+docker compose run \
+			--rm \
+      		-e AUTOGRAPH_URL=http://app:8000/ \
+			--entrypoint /usr/local/bin/lambda-selftest-entrypoint.sh \
+			monitor-lambda-emulator /go/bin/autograph-monitor
 
-echo "checking monitoring using hsm root hash:" "$APP_HSM_NORMANDY_ROOT_HASH"
-# exec in containers to workaround https://circleci.com/docs/2.0/building-docker-images/#accessing-services
-docker compose exec monitor-lambda-emulator "/usr/local/bin/test_monitor.sh"
-docker compose logs monitor-lambda-emulator
-docker compose exec monitor-hsm-lambda-emulator "/usr/local/bin/test_monitor.sh"
-docker compose logs monitor-hsm-lambda-emulator
+docker compose run \
+			--rm \
+      		-e AUTOGRAPH_URL=http://autograph-app-hsm:8001/ \
+			-e AUTOGRAPH_ROOT_HASH=$APP_HSM_NORMANDY_ROOT_HASH \
+			--entrypoint /usr/local/bin/lambda-selftest-entrypoint.sh \
+			monitor-hsm-lambda-emulator /go/bin/autograph-monitor
 
 echo "checking read-only API"
 # user bob doesn't exist in the softhsm config
diff --git a/docker-compose.yml b/docker-compose.yml
index 4d91884f1..237b99332 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -66,10 +66,7 @@ services:
   monitor:
     container_name: autograph-monitor
     image: autograph-app
-    command:
-      [
-        "/go/bin/autograph-monitor",
-      ]
+    command: ["/go/bin/autograph-monitor"]
 
   monitor-lambda-emulator:
     container_name: autograph-monitor-lambda-emulator
@@ -83,6 +80,7 @@ services:
       # set a non-empty value to use the lambda handler
       - LAMBDA_TASK_ROOT=/usr/local/bin/
       - AUTOGRAPH_ROOT_HASH
+    command: ["/go/bin/autograph-monitor"]
     ports:
       - "9000:8080"
     links:
@@ -104,6 +102,7 @@ services:
       # set a non-empty value to use the lambda handler
       - LAMBDA_TASK_ROOT=/usr/local/bin/
       - AUTOGRAPH_ROOT_HASH
+    command: ["/go/bin/autograph-monitor"]
     ports:
       - "9001:8080"
     links:
diff --git a/tools/autograph-client/integration-tests.yml b/tools/autograph-client/integration-tests.yml
index 776e239d6..ffb218343 100644
--- a/tools/autograph-client/integration-tests.yml
+++ b/tools/autograph-client/integration-tests.yml
@@ -58,3 +58,13 @@ services:
       - TARGET=http://app:8000
       - VERIFY=1
     command: [ "./build_test_apks.sh" ]
+
+  test-monitor-app:
+    container_name: test-monitor-app
+    extends:
+      file: ../../docker-compose.yml
+      service: monitor-lambda-emulator
+    entrypoint: [ "/usr/local/bin/lambda-selftest-entrypoint.sh" ]
+
+  # TODO: Add a monitor test for the HSM lambda - tricky because we need
+  # a way to dynamically grab the root hash from the HSM.
diff --git a/tools/autograph-client/test-entrypoint.sh b/tools/autograph-client/test-entrypoint.sh
index fb15abba9..43243fe5e 100755
--- a/tools/autograph-client/test-entrypoint.sh
+++ b/tools/autograph-client/test-entrypoint.sh
@@ -20,4 +20,4 @@ fi
 
 # Run the test
 set -e
-/bin/bash -c "$@"
+exec "$@"
diff --git a/tools/autograph-monitor/Dockerfile.lambda-emulator b/tools/autograph-monitor/Dockerfile.lambda-emulator
index 29a96f399..2bc095d3d 100644
--- a/tools/autograph-monitor/Dockerfile.lambda-emulator
+++ b/tools/autograph-monitor/Dockerfile.lambda-emulator
@@ -2,11 +2,13 @@ FROM autograph-app
 
 USER root
 
-RUN cp /app/src/autograph/bin/test_monitor.sh /usr/local/bin/test_monitor.sh
 RUN curl -Lo /usr/local/bin/aws-lambda-rie \
     https://github.com/aws/aws-lambda-runtime-interface-emulator/releases/latest/download/aws-lambda-rie \
     && \
-    chmod +x /usr/local/bin/aws-lambda-rie /usr/local/bin/test_monitor.sh
+    chmod +x /usr/local/bin/aws-lambda-rie
+
+COPY lambda-selftest-entrypoint.sh /usr/local/bin/lambda-selftest-entrypoint.sh
 
 USER app
-CMD ["/usr/local/bin/aws-lambda-rie", "/go/bin/autograph-monitor"]
+ENTRYPOINT ["/usr/local/bin/aws-lambda-rie"]
+CMD ["/go/bin/autograph-monitor"]
diff --git a/bin/test_monitor.sh b/tools/autograph-monitor/lambda-selftest-entrypoint.sh
old mode 100644
new mode 100755
similarity index 59%
rename from bin/test_monitor.sh
rename to tools/autograph-monitor/lambda-selftest-entrypoint.sh
index ddb248105..4b250c11e
--- a/bin/test_monitor.sh
+++ b/tools/autograph-monitor/lambda-selftest-entrypoint.sh
@@ -3,8 +3,17 @@
 set -e
 set -o pipefail
 
+# Fork to start the AWS runtime emulator
+/usr/local/bin/aws-lambda-rie "$@" &
+AWS_RUNTIME_PID=$!
+cleanup() {
+    kill -TERM $AWS_RUNTIME_PID
+    wait $AWS_RUNTIME_PID
+}
+trap cleanup EXIT SIGINT SIGTERM
+
 # invoke a test monitor run in a lambda monitor
-MONITOR_ERROR=$(curl -w '\n' -X POST 'http://localhost:8080/2015-03-31/functions/function/invocations' -d '{}')
+MONITOR_ERROR=$(curl -s -w '\n' -X POST 'http://localhost:8080/2015-03-31/functions/function/invocations' -d '{}')
 
 # If the result was null - then we succeeded!
 if [ "${MONITOR_ERROR}" == "null" ]; then
@@ -19,4 +28,3 @@ else
     echo "${MONITOR_ERROR}" | jq >&2
 fi
 exit 1
-