Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

aws keys are visible in bitbucket-pipeline.yml file

Hi Team,

I am using the bit-bucket pipeline , the configuration syntax is below

bitbucket-pipelines.yml

image: "node:10.15.0"
pipelines:
branches:
dev:
-
step:
name: "Install and build"
caches:
- node
script:
- "apt-get update -y"
- "apt-get install -y zip"
- "cd admin/front-end"
- "npm install --verbose"
- CI=false
- "npm run build"
- cd ..
- cd ..
- "zip -r myapp.zip *"
trigger: automatic
artifacts:
- myapp.zip
-
step:
name: Upload to S3
script:
- pipe: atlassian/aws-code-deploy:0.2.7
variables:
AWS_DEFAULT_REGION: '---------------'
AWS_ACCESS_KEY_ID: '----------------'
AWS_SECRET_ACCESS_KEY: '----------------'
COMMAND: 'upload'
APPLICATION_NAME: '----------------'
ZIP_FILE: 'myapp.zip'
S3_BUCKET: '---------------'
-
step:
name: Deploy with CodeDeploy
script:
- pipe: atlassian/aws-code-deploy:0.2.7
variables:
AWS_DEFAULT_REGION: 'ap-southeast-2'
AWS_ACCESS_KEY_ID: '---------------'
AWS_SECRET_ACCESS_KEY: '------------------'
COMMAND: 'deploy'
APPLICATION_NAME: '--------------'
DEPLOYMENT_GROUP: '-----'
WAIT: 'true'
S3_BUCKET: '-----------'
IGNORE_APPLICATION_STOP_FAILURES: 'true'
FILE_EXISTS_BEHAVIOR: 'OVERWRITE'
DEBUG: 'true'

My doubt is , In the configuration file , i am giving Aws access key id and secret access key, even it's displaying these details when i open the bitbucket-pipeline.yml file , i feel this is in-security issues will may occurs .

Is there any other suggestion to keep this details "AWS access key and secrete " in secure location or hide this details/ encrypt any other options if available please let me know ASAP.

Regards,
Rao

1 answer

Do it like the following:

script:
  - pipe: atlassian/aws-s3-deploy:0.2.2
    variables:
      AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID # <- here
      AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY # <- here, too
      AWS_DEFAULT_REGION: 'us-east-1'
      S3_BUCKET: 'my-bucket-name'
      LOCAL_PATH: 'build'

Example taken from: Understanding pipes - Learn about Pipes (Bitbucket Support)

See as well: Reference variables in your pipeline - Variables in pipelines (Bitbucket Support)

Is this the information you're looking for?

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Trello

Taco Tuesday: Your favorite Trello blog takeaway

Hello friends! From the community that brought you Welcome Wednesday, Throwback Thursday and Friday Fun, welcome to Taco Tuesday, a weekly discussion about all things Trello. The best part? One Tac...

64 views 4 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you