I want to trigger the AWS Backup service whenever the Bitbucket pipeline runs. I am using OpenID Connect, and it works well for deployment on S3 and Elastic Beanstalk as the backend.
Currently, I am using the same IAM role, AWS_OIDC_ROLE_ARN, to trigger the AWS Backup service, and I also created a Lambda function to trigger the AWS Backup service when Bitbucket triggers the Lambda.
Both approaches got the same error:
Parameter validation failed:
Invalid length for parameter WebIdentityToken, value: 1, valid min length: 4
and it's due to the OpenID Connect approach. How can I resolve this issue?
Here is my script:
pipelines:
  default:
    - step:
        name: Install AWS CLI v2 and Invoke Lambda
        image: node:16
        script:
          - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
          - unzip awscliv2.zip
          - ./aws/install
          - aws --version
          # Set up the environment for Lambda invocation
          - export AWS_REGION=ca-central-1
          - export AWS_ROLE_ARN=arn:aws:iam::468973563763:role/BitBucket-access-Role-EB-deploy
          - export AWS_WEB_IDENTITY_TOKEN_FILE=$(pwd)/web-identity-token
          - echo $BITBUCKET_STEP_OIDC_TOKEN > $AWS_WEB_IDENTITY_TOKEN_FILE
          - echo "$BITBUCKET_STEP_OIDC_TOKEN" | wc -m
          - echo "$BITBUCKET_STEP_OIDC_TOKEN" > $AWS_WEB_IDENTITY_TOKEN_FILE
          - cat $AWS_WEB_IDENTITY_TOKEN_FILE # Check the content of the token
          - cat $AWS_WEB_IDENTITY_TOKEN_FILE # Check the content of the token
          - unset AWS_ACCESS_KEY_ID
          - unset AWS_SECRET_ACCESS_KEY
          # Invoke the Lambda function
          - aws lambda invoke --function-name Custom_RDS_Backup_using_AWS_CODEPIPELINE --invocation-type Event --payload '{"key":"value"}' --region $AWS_REGION response.json
Hi Saad and welcome to the community!
I noticed that your step doesn't have OIDC enabled. Can you try adding
oidc: true
in the step and then run another build?
You can check the example bitbucket-pipelines.yml file on this page:
Kind regards,
Theodora
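An added example, not part of the original posts: when a step lacks `oidc: true`, `echo` of the empty `BITBUCKET_STEP_OIDC_TOKEN` writes a file holding only a newline, one character long, which matches the length reported in the error. The guard below fails fast with a clear message in that case and writes the token without printing it to the build log; the function names `check_oidc_token` and `write_token_file` are hypothetical, and the sample token is constructed.

```shell
#!/bin/sh
# Added example: validate the step's OIDC token before the AWS CLI reads it.
# Function names are hypothetical; sample values below are constructed.

# check_oidc_token TOKEN
# Returns 0 if TOKEN has the shape of a compact JWT, 1 if empty, 2 if malformed.
check_oidc_token() {
  local token="$1"
  if [ -z "$token" ]; then
    return 1
  fi
  # A compact JWT is three base64url segments separated by dots.
  if ! printf '%s' "$token" |
      grep -Eq '^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$'; then
    return 2
  fi
  return 0
}

# write_token_file TOKEN FILE
# Writes TOKEN to FILE (mode 0600, no trailing newline) only if it validates.
# Never echoes the token itself, so it does not end up in the pipeline log.
write_token_file() {
  local token="$1" file="$2" rc=0
  check_oidc_token "$token" || rc=$?
  case "$rc" in
    0) ;;
    1) echo "OIDC token is empty: is 'oidc: true' set on this step?" >&2
       return 1 ;;
    *) echo "OIDC token is not a three-part JWT; refusing to write it" >&2
       return 1 ;;
  esac
  ( umask 077; printf '%s' "$token" > "$file" )
  echo "token written (${#token} chars), contents not logged" >&2
}

# Demo on constructed values (not real tokens).
demo_dir=$(mktemp -d)
write_token_file "" "$demo_dir/empty" || echo "empty token rejected" >&2
write_token_file "aGVhZGVy.cGF5bG9hZA.c2ln" "$demo_dir/ok"
rm -rf "$demo_dir"

# In the pipeline script, the call would be:
#   write_token_file "$BITBUCKET_STEP_OIDC_TOKEN" "$AWS_WEB_IDENTITY_TOKEN_FILE" || exit 1
```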
Hi Abhinay,
Please create a support ticket and provide the URL of the Pipelines build with this error for further investigation. The support ticket will be visible to you and Atlassian staff, so anything you post there won't be publicly visible.
You can create a ticket via https://support.atlassian.com/contact/#/, in "What can we help you with?" select "Technical issues and bugs" and then Bitbucket Cloud as product. When you are asked to provide the workspace URL, please make sure you enter the URL of the workspace that is on a paid billing plan to proceed with ticket creation.
Kind regards,
Theodora