Open dzieciou opened 2 years ago
Yeah, there's Vault AWS IAM Credential
, but this seems to be something completely different...
With a combination of Vault, Jenkins Configuration-as-Code, it's possible. If you start your Jenkins with these Environment Variables properly configured, it'll load secrets from Vault into Environment Variables:
CASC_VAULT_TOKEN="<TOKEN>"
CASC_VAULT_ENGINE_VERSION=<Engine version 1 or 2>
CASC_VAULT_PATHS=<path/to/jenkins-secrets>
CASC_VAULT_URL=<URL to Vault>
Official docs on the matter: https://github.com/jenkinsci/configuration-as-code-plugin/blob/master/docs/VAULT.md
---
credentials:
system:
domainCredentials:
- credentials:
- aws:
scope: GLOBAL
id: "AWS"
accessKey: "${AWS_ACCESS_KEY_ID}"
secretKey: "${AWS_SECRET_ACCESS_KEY}"
description: "AWS Credentials"
Yes, that's the workaround I also use until this issue is fixed.
Any updates on this?
Dependencies
None
Feature Request
I am currently migrating all our credentials from Jenkins to Vault. Unfortunatetly, current version of the plugin does not support populating Jenkins AWS Credentials.
Is there any PR on that?