How to integrate with AWS dynamic secrets? #184
Comments
Hello. AWS dynamic secrets are an important part of CI/CD. Please help me understand how I can use them.
Just found an alternative https://subhasisray.medium.com/vault-integration-with-jenkins-and-aws-authentication-da68a084e36c
I was struggling with the same: accessing aws backend to dynamically generate IAM credentials. I was able to get it working in my pipeline using the following:

```groovy
stage('Vault-Test') {
    steps {
        withVault(
            configuration: [
                timeout: 60,
                engineVersion: 1,
                vaultCredentialId: 'my-approle',
                vaultUrl: 'https://my-vault.net'],
            vaultSecrets: [
                [
                    // Reading aws/creds/<role> makes Vault issue a fresh set of AWS credentials
                    path: 'aws/creds/my-iam-role',
                    // Map the fields of the Vault response to the variables the AWS CLI reads
                    secretValues: [
                        [envVar: 'AWS_SECRET_ACCESS_KEY', vaultKey: 'secret_key'],
                        [envVar: 'AWS_ACCESS_KEY_ID', vaultKey: 'access_key'],
                        [envVar: 'AWS_SESSION_TOKEN', vaultKey: 'security_token']
                    ]
                ]
            ]) {
            script {
                // Confirms which AWS identity the generated credentials belong to
                sh '''
                    aws sts get-caller-identity
                '''
            }
        }
    } // end steps
} // end stage
```

In my case, the key was setting
@muroj Excellent! Good job! Thank you so much! It works. You are a genius!
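Added example, not part of the thread or of the plugin's code: a Python sketch of the same `vaultKey` to `envVar` mapping as the `withVault` block in the comment above, applied to constructed `aws/creds/<role>` read responses. It covers the case where `security_token` is null, as Vault returns for `iam_user` roles; the function names and all key values are made up for illustration.

```python
import json

# Same vaultKey -> envVar mapping as the withVault block in the thread.
KEY_TO_ENV = {
    "access_key": "AWS_ACCESS_KEY_ID",
    "secret_key": "AWS_SECRET_ACCESS_KEY",
    "security_token": "AWS_SESSION_TOKEN",
}
REQUIRED = ("access_key", "secret_key")

# Constructed sample responses (not real credentials).
SAMPLE_IAM_USER = """{"lease_id": "aws/creds/my-iam-role/constructed-1",
 "lease_duration": 3600, "renewable": true,
 "data": {"access_key": "AKIAEXAMPLEEXAMPLE00",
          "secret_key": "constructed-secret-key", "security_token": null}}"""
SAMPLE_STS = """{"lease_id": "aws/creds/my-iam-role/constructed-2",
 "lease_duration": 900, "renewable": false,
 "data": {"access_key": "ASIAEXAMPLEEXAMPLE00",
          "secret_key": "constructed-secret-key",
          "security_token": "constructed-session-token"}}"""


def aws_env_from_vault(response_json):
    """Turn a Vault aws/creds/<role> response into (env, lease_seconds)."""
    resp = json.loads(response_json)
    data = resp.get("data") or {}
    missing = [k for k in REQUIRED if not data.get(k)]
    if missing:
        raise ValueError("Vault response lacks: " + ", ".join(missing))
    # Null or empty fields are skipped, so AWS_SESSION_TOKEN stays unset
    # for iam_user credentials instead of being exported empty.
    env = {KEY_TO_ENV[k]: v for k, v in data.items() if k in KEY_TO_ENV and v}
    return env, int(resp.get("lease_duration", 0))


def redact(env):
    """Copy of env that is safe to print in a build log."""
    return {k: (v[:4] + "..." if k == "AWS_ACCESS_KEY_ID" else "****")
            for k, v in env.items()}


if __name__ == "__main__":
    for sample in (SAMPLE_IAM_USER, SAMPLE_STS):
        env, ttl = aws_env_from_vault(sample)
        print(redact(env), "lease expires in", ttl, "s")
```

The lease duration is returned alongside the variables because the credentials stop working once Vault revokes the lease, which bounds how long a build step can rely on them.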
Hello,
We are trying to configure the Jenkins Vault URL and credentials with AWS dynamic secrets.
This seems to be working with AppRole, but we are not sure how to configure it with AWS. We need to understand how we actually generate the AWS secret dynamically with the Jenkins Vault plugin. Any code reference would be helpful.
Version report
Jenkins and plugins versions report: