For a Script Task in your plan. You typically need to set your AWS credentials to point to and use your EC2 instances.
Set-Credentials is the AWS way, but that does not work.
Instead use this?
SET AWS_ACCESS_KEY_ID=$Env:bamboo_AWSAccessKeyId
SET AWS_SECRET_ACCESS_KEY=$Env:bamboo_AWSSecretKeyPassword
SET AWS_DEFAULT_REGION=us-east-1
Put it is still not pointing to my EC2 instance correctly. None of my AWS CLI commands work.
You can't set the creds in an inline PS. Or, at least I have not been able to find a way to.
Recommend using an inline cmd as follows.
Create a Script task. Use cmd. Set your creds:
@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}
SET AWS_DEFAULT_REGION=us-east-1
Then, if you need to invoke any PowerShell scripts or other functionality.
Create a Local Agent so you can talk to your local bamboo server. Remember everything works from these agents.
You do not need to setup any capability.
Bamboo's auto-magic will chose the correct agent to build with.
Then in that same inline cmd use the below code to talk to your PowerShell scripts correctly:
powershell -NoProfile -Command "C:\scripts\<myPSscript>.ps1 <arg>; exit $LASTEXITCODE" < NUL
This seems to work well for our needs. HTH.
Update 2018-02-26: We have fixed the below referenced example from our docs by adding the required 'Env:' prefix for accessing environment variables from PowerShell.
According to the related documentation for our (Utoolity's) AWS Credentials Variables task, the following syntax for referencing Bamboo environment variables in PowerShell should work within Bamboo's Script task:
$AWS_ACCESS_KEY_ID = $Env:bamboo_custom_aws_accessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_custom_aws_secretAccessKey_password
$AWS_SESSION_TOKEN = $Env:bamboo_custom_aws_sessionToken_password
So given your Bamboo variable names, the following should do the trick in your AWS CLI based scenario:
$AWS_ACCESS_KEY_ID = $Env:bamboo_AWSAccessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_AWSSecretKeyPassword
Caveats
Please note that those standard environment variables only work for the AWS CLI and not the AWS Tools for PowerShell due to an easily confusing difference between these two:
Further, at least the AWS Tools for PowerShell will also fall back to any subsequent credentials source in the default credentials provider chain in case credentials explicitly specified on the command line are incorrect or absent (rather than complaining about an incorrect parameter), which is at least a bit counter intuitive I think.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That does not work either. I think this is working
$AWS_ACCESS_KEY_ID="${bamboo.AWSAccessKeyId}"
$AWS_SECRET_ACCESS_KEY="${bamboo.AWSSecretKeyPassword}"
$AWS_DEFAULT_REGION="us-east-1"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
NOPE. The above doesn't work either. Set-AWSCredentials doesn't work... how the do you set the fricken credentials? Seems like pretty basic, straight-forward and common thing? Are we restricted to using a .ps1 file or a cmd?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I can get the key/secret key in the script. You can Write-Host and they show up. I just cannot set the AWS variables so my commands will work
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Jeremy Roelfs - We have analyzed this oddity further and identified the syntax error in our documentation, namely the missing 'Env:' prefix before the environment variables. This means that the right hand side of your initial attempt combined with the left hand side of our example finally yields a working solution for your AWS CLI scenario ;)
I've also added some additional caveats to be aware of when debugging these topics (with the odd PowerShell credentials provider chain fallback also causing our respectively ill composed unit test to succeed rather than fail, because it used the credentials from the elastic agent's EC2 instance profile rather than those never resolved variables ...).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
you can set it by :
➜ ~ aws configure
AWS Access Key ID [****************xxxxx]: XXXXXXXXXXXXXX
AWS Secret Access Key [****************xxxxx]: XXXXXXXXXXXXXXXXXXXXXXX
Default region name [us-east-1]:
Default output format [json]:
For details check this https://thedbadmin.com/aws-mysql-rds-database-creation-using-awscli/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Jeremy Roelfs, when you see output or logs of Script task exception Bamboo will show what environment variables are available for script. Most possible you should use
${bamboo_AWSAccessKeyId} variable name, not $Env: form
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I never could get it working in PowerShell. Not sure what I'm doing wrong. So I switched to a inline cmd. It took some work getting my commands switched to a cmd, but I can set the variables just fine now:
@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}
SET AWS_DEFAULT_REGION=us-east-1
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Alexey Chystoprudov We have to use PowerShell, so I'm back again... can you please just give me an example?
is it SET AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId}
This is how you set it in PowerShell: $env:AWS_ACCESS_KEY_ID=<key here>
But this: $env:AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId} does not work in the Script Task.
The error I receive is "A positional parameter cannot be found that accepts argument" Real descriptive...
What is it exactly? Can you give me a full example please?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Jeremy Roelfs, I'm not familiar with PowerShell scripts
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Jeremy Roelfs Hi Jeremy, just want to check with you about your findings using Bamboo for AWS deployment, did you use the temporary AWS credentials for TASK for AWS?
I am currently exploring if we can use BAMBOO and TASK for AWS to fulfill AWS deployment, I am facing the similar challenges.
My first step is to injecting temporary AWS credentials ( access key id, Secrete access key and security token), then use features offered by TASKS for AWS to mange AWS environment.
If I am lucky for the first step, then, I will explore automatic way to get temporary AWS credentials via ADFS ID verification and SAML 2.0 federation STS, which might requires customization. As @Steffen Opel _Utoolity_ mentioned in other thread, such SAML 2.0 federation is not currently supported by TASKS for AWS.
After reading the document of TASKS for AWS, I like the tool offered lots of AWS operation functions and can not wait to explore more.
Hope you can share any of your thoughts on how integrate AWS temporary credentials with TASKS for AWS, much appreciated.
Thanks
Shao
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.