Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Setting AWS Credentials, Script Task and PowerShell


For a Script Task in your plan. You typically need to set your AWS credentials to point to and use your EC2 instances.

Set-Credentials is the AWS way, but that does not work.

Instead use this?
SET AWS_ACCESS_KEY_ID=$Env:bamboo_AWSAccessKeyId
SET AWS_SECRET_ACCESS_KEY=$Env:bamboo_AWSSecretKeyPassword


Put it is still not pointing to my EC2 instance correctly. None of my AWS CLI commands work.

4 answers

1 accepted

You can't set the creds in an inline PS. Or, at least I have not been able to find a way to.

Recommend using an inline cmd as follows.

Create a Script task. Use cmd. Set your creds:

@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}

Then, if you need to invoke any PowerShell scripts or other functionality.

Create a Local Agent so you can talk to your local bamboo server. Remember everything works from these agents.
You do not need to setup any capability.
Bamboo's auto-magic will chose the correct agent to build with.

Then in that same inline cmd use the below code to talk to your PowerShell scripts correctly:

powershell -NoProfile -Command "C:\scripts\<myPSscript>.ps1 <arg>; exit $LASTEXITCODE" < NUL



This seems to work well for our needs. HTH.


1 vote
Steffen Opel _Utoolity_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Jan 25, 2018 • edited Feb 26, 2018

Update 2018-02-26: We have fixed the below referenced example from our docs by adding the required 'Env:' prefix for accessing environment variables from PowerShell.

According to the related documentation for our (Utoolity's) AWS Credentials Variables task, the following syntax for referencing Bamboo environment variables in PowerShell should work within Bamboo's Script task:

$AWS_ACCESS_KEY_ID = $Env:bamboo_custom_aws_accessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_custom_aws_secretAccessKey_password
$AWS_SESSION_TOKEN = $Env:bamboo_custom_aws_sessionToken_password

So given your Bamboo variable names, the following should do the trick in your AWS CLI based scenario:

$AWS_ACCESS_KEY_ID = $Env:bamboo_AWSAccessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_AWSSecretKeyPassword


Please note that those standard environment variables only work for the AWS CLI and not the AWS Tools for PowerShell due to an easily confusing difference between these two:

  • The AWS CLI supports specifying credentials via environment variables (i.e. '$AWS_ACCESS_KEY_ID' etc.), but does not support specifying credentials via the command line.
  • The AWS Tools for PowerShell support specifying credentials via the command line (i.e. '-AccessKey $Env:bamboo_AWSAccessKeyId' etc.), but do not support specifying credentials via environment variables.

Further, at least the AWS Tools for PowerShell will also fall back to any subsequent credentials source in the default credentials provider chain in case credentials explicitly specified on the command line are incorrect or absent (rather than complaining about an incorrect parameter), which is at least a bit counter intuitive I think.

That does not work either. I think this is working


NOPE. The above doesn't work either. Set-AWSCredentials doesn't work... how the do you set the fricken credentials? Seems like pretty basic, straight-forward and common thing? Are we restricted to using a .ps1 file or a cmd?

I can get the key/secret key in the script. You can Write-Host and they show up. I just cannot set the AWS variables so my commands will work

Steffen Opel _Utoolity_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Feb 26, 2018 • edited

@Jeremy Roelfs - We have analyzed this oddity further and identified the syntax error in our documentation, namely the missing 'Env:' prefix before the environment variables. This means that the right hand side of your initial attempt combined with the left hand side of our example finally yields a working solution for your AWS CLI scenario ;)

I've also added some additional caveats to be aware of when debugging these topics (with the odd PowerShell credentials provider chain fallback also causing our respectively ill composed unit test to succeed rather than fail, because it used the credentials from the elastic agent's EC2 instance profile rather than those never resolved variables ...).

Great! Thank you guys for following up! Appreciate it!

you can set it by :


#1. How to configure AWS CLI

➜ ~ aws configure
AWS Access Key ID [****************xxxxx]: XXXXXXXXXXXXXX
AWS Secret Access Key [****************xxxxx]: XXXXXXXXXXXXXXXXXXXXXXX
Default region name [us-east-1]:
Default output format [json]:

For details check this 

0 votes
Alexey Chystoprudov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jan 24, 2018

@Jeremy Roelfs, when you see output or logs of Script task exception Bamboo will show what environment variables are available for script. Most possible you should use 

${bamboo_AWSAccessKeyId} variable name, not $Env: form

I never could get it working in PowerShell. Not sure what I'm doing wrong. So I switched to a inline cmd. It took some work getting my commands switched to a cmd, but I can set the variables just fine now:

@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}

@Alexey Chystoprudov We have to use PowerShell, so I'm back again... can you please just give me an example?

is it SET AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId}

This is how you set it in PowerShell: $env:AWS_ACCESS_KEY_ID=<key here>

But this: $env:AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId} does not work in the Script Task.

The error I receive is "A positional parameter cannot be found that accepts argument" Real descriptive...

What is it exactly? Can you give me a full example please?

Alexey Chystoprudov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jan 25, 2018

@Jeremy Roelfs, I'm not familiar with PowerShell scripts

@Jeremy Roelfs  Hi Jeremy, just want to check with you about your findings using Bamboo for AWS deployment,  did you use the temporary AWS credentials for TASK for AWS?  

I am currently exploring if we can use BAMBOO and TASK for AWS to fulfill AWS deployment, I am facing the similar challenges.

My first step is to injecting temporary AWS credentials ( access key id, Secrete access key and security token), then use features offered by TASKS for AWS to mange AWS environment.

If I am lucky for the first step, then, I will explore automatic way to get temporary AWS credentials via ADFS ID verification and SAML 2.0 federation STS, which might requires customization. As @Steffen Opel _Utoolity_ mentioned in other thread, such SAML 2.0 federation is not currently supported by TASKS for AWS.

After reading the document of TASKS for AWS, I like the tool offered lots of AWS operation functions and can not wait to explore more.

Hope you can share any of your thoughts on how integrate AWS temporary credentials with TASKS for AWS, much appreciated.




Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events