Jenkins plugin for getting secrets from AWS parameter store when using Jenkins Configuration as Code plugin.
More information about AWS SSM: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html
More information about Jenkins Configuration as Code plugin: https://github.com/jenkinsci/configuration-as-code-plugin
Install plugin via Jenkins Update Center.
Make sure that Jenkins at least the following IAM permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ssm:GetParameter",
"Resource": "arn:aws:ssm:<region>:<account>:parameter/*"
}
]
}
Plugin will try to resolve secrets
- credentials:
- string:
id: "cred-id"
secret: ${filename}
from SSM with name filename.
If a prefix is needed then configure environment variable CASC_SSM_PREFIX. Example: CASC_SSM_PREFIX=jenkins.master.
It will then resolve the example above with name jenkins.master.filename from SSM.
Code has been contributed by Bambora