Source: medium.com
How to handle secrets in AWS CodebuildCategory: Terraform
You have a CodeBuild project that build you static site from headless CMS and you need the access token to call the API. You are smart enough to know that hardcoding it directly in source code is not a good idea.
This works but has couple downsides: AWS has a service to securely store passwords, tokens, credentials or any other sensitive data — AWS Secrets Manager.
Values from Secrets Manager can be mapped out to environment variables that will be available through all build project phases.
NOTE: Of course IAM role associated with CodeBuild project has to have sufficient permissions to access secretsOriginally published at https://mpasierbski.com.
This works but has couple downsides: AWS has a service to securely store passwords, tokens, credentials or any other sensitive data — AWS Secrets Manager.
Values from Secrets Manager can be mapped out to environment variables that will be available through all build project phases.
NOTE: Of course IAM role associated with CodeBuild project has to have sufficient permissions to access secretsOriginally published at https://mpasierbski.com.
Related Articles
Community Partners
DevOps Careers