Setting AWS Credentials, Script Task and PowerShell Edited

For a Script Task in your plan. You typically need to set your AWS credentials to point to and use your EC2 instances.

Set-Credentials is the AWS way, but that does not work.

Instead use this?
SET AWS_ACCESS_KEY_ID=$Env:bamboo_AWSAccessKeyId
SET AWS_SECRET_ACCESS_KEY=$Env:bamboo_AWSSecretKeyPassword


Put it is still not pointing to my EC2 instance correctly. None of my AWS CLI commands work.

3 answers

1 accepted

You can't set the creds in an inline PS. Or, at least I have not been able to find a way to.

Recommend using an inline cmd as follows.

Create a Script task. Use cmd. Set your creds:

@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}

Then, if you need to invoke any PowerShell scripts or other functionality.

Create a Local Agent so you can talk to your local bamboo server. Remember everything works from these agents.
You do not need to setup any capability.
Bamboo's auto-magic will chose the correct agent to build with.

Then in that same inline cmd use the below code to talk to your PowerShell scripts correctly:

powershell -NoProfile -Command "C:\scripts\<myPSscript>.ps1 <arg>; exit $LASTEXITCODE" < NUL



This seems to work well for our needs. HTH.


Update 2018-02-26: We have fixed the below referenced example from our docs by adding the required 'Env:' prefix for accessing environment variables from PowerShell.

According to the related documentation for our (Utoolity's) AWS Credentials Variables task, the following syntax for referencing Bamboo environment variables in PowerShell should work within Bamboo's Script task:

$AWS_ACCESS_KEY_ID = $Env:bamboo_custom_aws_accessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_custom_aws_secretAccessKey_password
$AWS_SESSION_TOKEN = $Env:bamboo_custom_aws_sessionToken_password

So given your Bamboo variable names, the following should do the trick in your AWS CLI based scenario:

$AWS_ACCESS_KEY_ID = $Env:bamboo_AWSAccessKeyId
$AWS_SECRET_ACCESS_KEY = $Env:bamboo_AWSSecretKeyPassword


Please note that those standard environment variables only work for the AWS CLI and not the AWS Tools for PowerShell due to an easily confusing difference between these two:

  • The AWS CLI supports specifying credentials via environment variables (i.e. '$AWS_ACCESS_KEY_ID' etc.), but does not support specifying credentials via the command line.
  • The AWS Tools for PowerShell support specifying credentials via the command line (i.e. '-AccessKey $Env:bamboo_AWSAccessKeyId' etc.), but do not support specifying credentials via environment variables.

Further, at least the AWS Tools for PowerShell will also fall back to any subsequent credentials source in the default credentials provider chain in case credentials explicitly specified on the command line are incorrect or absent (rather than complaining about an incorrect parameter), which is at least a bit counter intuitive I think.

That does not work either. I think this is working


NOPE. The above doesn't work either. Set-AWSCredentials doesn't work... how the do you set the fricken credentials? Seems like pretty basic, straight-forward and common thing? Are we restricted to using a .ps1 file or a cmd?

I can get the key/secret key in the script. You can Write-Host and they show up. I just cannot set the AWS variables so my commands will work

@Jeremy Roelfs - We have analyzed this oddity further and identified the syntax error in our documentation, namely the missing 'Env:' prefix before the environment variables. This means that the right hand side of your initial attempt combined with the left hand side of our example finally yields a working solution for your AWS CLI scenario ;)

I've also added some additional caveats to be aware of when debugging these topics (with the odd PowerShell credentials provider chain fallback also causing our respectively ill composed unit test to succeed rather than fail, because it used the credentials from the elastic agent's EC2 instance profile rather than those never resolved variables ...).

Great! Thank you guys for following up! Appreciate it!

0 votes

@Jeremy Roelfs, when you see output or logs of Script task exception Bamboo will show what environment variables are available for script. Most possible you should use 

${bamboo_AWSAccessKeyId} variable name, not $Env: form

I never could get it working in PowerShell. Not sure what I'm doing wrong. So I switched to a inline cmd. It took some work getting my commands switched to a cmd, but I can set the variables just fine now:

@echo off
SET AWS_ACCESS_KEY_ID=${bamboo.AWSAccessKeyId}
SET AWS_SECRET_ACCESS_KEY=${bamboo.AWSSecretKeyPassword}

@Alexey Chystoprudov We have to use PowerShell, so I'm back again... can you please just give me an example?

is it SET AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId}

This is how you set it in PowerShell: $env:AWS_ACCESS_KEY_ID=<key here>

But this: $env:AWS_ACCESS_KEY_ID=${bamboo_AWSAccessKeyId} does not work in the Script Task.

The error I receive is "A positional parameter cannot be found that accepts argument" Real descriptive...

What is it exactly? Can you give me a full example please?

@Jeremy Roelfs, I'm not familiar with PowerShell scripts

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

807 views 3 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you