Hello, Pls excuse for the lengthy post.
Am looking to make use of IAM roles in the given AWS account (jenkins master runs in the same account) and run packer build to generate AMI. This is to avoid storing / using AWS keys in Jenkins master. For this purpose, I wanted to make use of this plugin, https://github.com/jenkinsci/pipeline-aws-plugin Jenkins master is at v2.32.3 This is the primitive pipeline code which am attempting but it fails with error pointing to secure token being non-available. Has anyone got this plugin working with pipeline script ? node { stage('aws') { withAWS(role:'jenkins-ec2-master') { // awsIdentity() } } } For your ref, attached snippet of errors from build console log. >>>>>>>>>>>>>>>>>>>>>>>>>> com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: The security token included in the request is expired (Service: AWSSecurityTokenService; Status Code: 403; Error Code: ExpiredToken; Request ID: 1c2975ed-210d-11e7-a78a-896df2d6846b) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1545) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1183) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:964) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601) at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1188) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1164) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.getCallerIdentity(AWSSecurityTokenServiceClient.java:874) -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/9cc32a7d-204e-4f96-a7a9-9ed6e649de50%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
