search

jenkinsci / aws-secrets-manager-credentials-provider-plugin

AWS Secrets Manager Credentials Provider for Jenkins
https://plugins.jenkins.io/aws-secrets-manager-credentials-provider/
MIT License
65 stars 43 forks source link

Support AWS credentials #237

Open andyshinn opened 1 year ago

andyshinn commented 1 year ago

What feature do you want to see added?

Support the AWS credential type from https://github.com/jenkinsci/aws-credentials-plugin so we can specify a role, MFA, etc.. Maybe these can be additional tags such as jenkins:credentials:assume_role, jenkins:credentials:mfa_arn, etc.

Upstream changes

No response

chriskilding commented 1 year ago

This is tangentially related to #236

In that PR I'm adding support to let the plugin authenticate with AWS using a static key pair, supplied inline in Jenkins config. (This is to help users who want to use the plugin, but who only have administrative control of Jenkins - and not the box it's running on.) There were 2 options for supplying the key pair:

  1. Have the plugin consume an AWSCredentials object from the Credentials API
  2. Supply the access key and secret key values directly (with encryption / protection on the secret key field)

Given the presence of this request I think approach (1) is now definitely out of the question; if the plugin supplied AWSCredentials as well as consuming it, then it would run into a chicken-and-egg initialisation error. (I.e. potentially asking the uninitialised version of itself for a credential which it needs to initialise itself.) This vindicates approach (2) which I have used.

ychaharau commented 8 months ago

Hi Team! Thank you for raising the issue! Is there a timeframe or deadline to add this enhancement? I'm looking forward to this so much!