Secure env variables

mr_green · April 25, 2019, 1:09pm

I’ve got a few environment variables that I’m setting on the pipeline:

env:
  AWS_ACCESS_KEY_ID: "xyzxyzxyzxyzxyzxyzxyzxyz"
  AWS_SECRET_ACCESS_KEY: "xyzxyzxyzxyzxyzxyzxyzxyzxyzxyz"


steps:
  - command: 
      - "echo Hello World"

Does buildkite have any way to secure those environment variables, or integration to something like AWS Secrets Manager?

moensch · April 26, 2019, 5:24am

I would write a repository-level environment or pre-command hook, fetch the secrets from AWS Secrets Manager or SSM Parameter Store, and export them as env vars.

Topic		Replies	Views
Environment variables set in S3 not accessible from build step Elastic CI Stack for AWS	3	190	February 12, 2024
Persist system environment variables to job General	3	401	May 18, 2022
How to set an ENV var for all steps in the pipeline General	6	2277	April 25, 2023
Buildkite env vars set in the pipeline is broken Pipelines	7	516	August 29, 2023
Plugin environment variables question General	1	865	October 26, 2020

Secure env variables

Related Topics