You currently have three options to provide AWS Security Credentials:
This is the recommended approach to share and manage AWS credentials:
|
Refer to the Identity Federation for AWS Administrator's Guide for details on how to configure the connectors.
As of release 2.5, you can use IAM Roles for Amazon EC2 to optionally skip credentials configuration all together: if an agent happens to run on an EC2 instance started with an instance profile (IAM role), the tasks can be configured to facilitate those credentials. Of course, the underlying IAM role needs to have a sufficient policy attached to grant the the required permissions for the task at hand.
This feature requires the Amazon EC2 instance running the agent to be started with an EC2 instance profile. There are three different scenarios:
This is not recommended, but easy to get started with:
|
If you prefer this solution, you might still want to ease credentials reuse a bit via variable substitution as follows:
${bamboo.awsAccessKeyPassword}
and ${bamboo.awsSecretKeyPassword}
awsAccessKeyPassword
and awsSecretKeyPassword
given this example) with the actual credentials, which will then be substituted on task execution accordingly