Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

aws keys are visible in bitbucket-pipeline.yml file

venkat
venkat April 23, 2020

Hi Team,

I am using the bit-bucket pipeline , the configuration syntax is below

bitbucket-pipelines.yml

image: "node:10.15.0"
pipelines:
branches:
dev:
-
step:
name: "Install and build"
caches:
- node
script:
- "apt-get update -y"
- "apt-get install -y zip"
- "cd admin/front-end"
- "npm install --verbose"
- CI=false
- "npm run build"
- cd ..
- cd ..
- "zip -r myapp.zip *"
trigger: automatic
artifacts:
- myapp.zip
-
step:
name: Upload to S3
script:
- pipe: atlassian/aws-code-deploy:0.2.7
variables:
AWS_DEFAULT_REGION: '---------------'
AWS_ACCESS_KEY_ID: '----------------'
AWS_SECRET_ACCESS_KEY: '----------------'
COMMAND: 'upload'
APPLICATION_NAME: '----------------'
ZIP_FILE: 'myapp.zip'
S3_BUCKET: '---------------'
-
step:
name: Deploy with CodeDeploy
script:
- pipe: atlassian/aws-code-deploy:0.2.7
variables:
AWS_DEFAULT_REGION: 'ap-southeast-2'
AWS_ACCESS_KEY_ID: '---------------'
AWS_SECRET_ACCESS_KEY: '------------------'
COMMAND: 'deploy'
APPLICATION_NAME: '--------------'
DEPLOYMENT_GROUP: '-----'
WAIT: 'true'
S3_BUCKET: '-----------'
IGNORE_APPLICATION_STOP_FAILURES: 'true'
FILE_EXISTS_BEHAVIOR: 'OVERWRITE'
DEBUG: 'true'

My doubt is , In the configuration file , i am giving Aws access key id and secret access key, even it's displaying these details when i open the bitbucket-pipeline.yml file , i feel this is in-security issues will may occurs .

Is there any other suggestion to keep this details "AWS access key and secrete " in secure location or hide this details/ encrypt any other options if available please let me know ASAP.

Regards,
Rao

Answer
Watch
Like Be the first to like this
1066 views

1 answer

0 votes
ktomk
ktomk
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 7, 2020

Do it like the following:

script:
  - pipe: atlassian/aws-s3-deploy:0.2.2
    variables:
      AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID # <- here
      AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY # <- here, too
      AWS_DEFAULT_REGION: 'us-east-1'
      S3_BUCKET: 'my-bucket-name'
      LOCAL_PATH: 'build'

Example taken from: Understanding pipes - Learn about Pipes (Bitbucket Support)

See as well: Reference variables in your pipeline - Variables in pipelines (Bitbucket Support)

Is this the information you're looking for?

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security