I can't see the screenshots. Would you please post them again? I tried to follow your instructions but Jenkins automatically unchecks "use IAM role" after I save it with the name or ARN of the role. What am I doing wrong?
On Thursday, August 2, 2018 at 9:48:38 PM UTC+5:30 [email protected] wrote: > Hi Aldrin Leal, > > Thanks for your information, my problem got solved with other way........ > like instead of using IAM user credentials in Jenkins, we can create IAM > role with S3 full permission and attach that role in to the Jenkins server, > then in Jenkins at the S3 publisher profile instead of providing > credentials, we can select IAM role, no worries about credentials. > > > Please follow below steps: > > 1. First need to create IAM role with S3 full access. > 2. Then attach that role to Server. > 3. And go to Jenkins dashboard, > > Configure Systems, > > Amazon S3 profile, > > S3 profiles name : same name as "IAM role" > > Instead of given credentials, we can select "Use IAM Role", then apply > and save > > > > 1. In Jenkins job, Add post-build action: > > Publish artifacts to S3 Bucket, > > S3 profile name: name same as "IAM role", > > Files to upload: Source : Files name > > Destination bucket : Bucket path > > Bucket Region : Select bucket region > > > > Then Apply and Save > > 1. Click Build now, check artifacts are uploaded in to S3 bucket. > > > On Thursday, 2 August 2018 19:29:33 UTC+5:30, Aldrin Leal wrote: > >> Why not restrict the key to allow only uploading from a given IP Address? >> Is it way safer >> >> >> https://aws.amazon.com/blogs/security/writing-iam-policies-how-to-grant-access-to-an-amazon-s3-bucket/ >> >> >> https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_deny-ip.html >> > >> -- >> -- Aldrin Leal, <[email protected]> / https://ingenieux.io/about/ >> >> On Thu, Aug 2, 2018 at 8:46 AM, <[email protected]> wrote: >> > Jenkins deployments will need to upload artifacts to S3; Jenkins can't >>> write to S3 by default, so we'll need to specify AWS credentials to upload. >>> We'd prefer to not expose these credentials in build scripts or >>> configuration options. >>> Goal is to provide best practices for properly using and hiding AWS >>> credentials in Jenkins jobs >>> >>> On Monday, 30 July 2018 17:03:22 UTC+5:30, gil wrote: >>>> >>>> what about writing your job to upload files to s3? >>>> >>>> On Friday, 27 July 2018 14:44:13 UTC+3, [email protected] wrote: >>>>> >>>>> Hi, >>>>> >>>>> My self Jai, >>>>> >>>>> Am currently facing problem with "how to hide aws access key and >>>>> secrete key in S3 plugin while uploading artifacts from jenkins job to >>>>> AWS >>>>> S3 ??? Need help soon, Can any body please?? >>>>> >>>>> >>>>> Thanks and Regards >>>>> Jai >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Jenkins Users" group. >>> >> To unsubscribe from this group and stop receiving emails from it, send an >>> email to [email protected]. >>> >> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/jenkinsci-users/fc046bdc-e7ff-4457-9b16-2ba81f52dafc%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/jenkinsci-users/fc046bdc-e7ff-4457-9b16-2ba81f52dafc%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/596d0ed4-5b36-4b4f-ada4-3b1136b73771n%40googlegroups.com.
