I can't see the screenshots. Would you please post them again? I tried to follow your instructions but Jenkins automatically unchecks "use IAM role" after I save it with the name or ARN of the role. What am I doing wrong?
On Thursday, August 2, 2018 at 9:48:38 PM UTC+5:30 seshadri...@gmail.com wrote: > Hi Aldrin Leal, > > Thanks for your information, my problem got solved with other way........ > like instead of using IAM user credentials in Jenkins, we can create IAM > role with S3 full permission and attach that role in to the Jenkins server, > then in Jenkins at the S3 publisher profile instead of providing > credentials, we can select IAM role, no worries about credentials. > > > Please follow below steps: > > 1. First need to create IAM role with S3 full access. > 2. Then attach that role to Server. > 3. And go to Jenkins dashboard, > > Configure Systems, > > Amazon S3 profile, > > S3 profiles name : same name as "IAM role" > > Instead of given credentials, we can select "Use IAM Role", then apply > and save > > > > 1. In Jenkins job, Add post-build action: > > Publish artifacts to S3 Bucket, > > S3 profile name: name same as "IAM role", > > Files to upload: Source : Files name > > Destination bucket : Bucket path > > Bucket Region : Select bucket region > > > > Then Apply and Save > > 1. Click Build now, check artifacts are uploaded in to S3 bucket. > > > On Thursday, 2 August 2018 19:29:33 UTC+5:30, Aldrin Leal wrote: > >> Why not restrict the key to allow only uploading from a given IP Address? >> Is it way safer >> >> >> https://aws.amazon.com/blogs/security/writing-iam-policies-how-to-grant-access-to-an-amazon-s3-bucket/ >> >> >> https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_deny-ip.html >> > >> -- >> -- Aldrin Leal, <ald...@leal.eng.br> / https://ingenieux.io/about/ >> >> On Thu, Aug 2, 2018 at 8:46 AM, <seshadri...@gmail.com> wrote: >> > Jenkins deployments will need to upload artifacts to S3; Jenkins can't >>> write to S3 by default, so we'll need to specify AWS credentials to upload. >>> We'd prefer to not expose these credentials in build scripts or >>> configuration options. >>> Goal is to provide best practices for properly using and hiding AWS >>> credentials in Jenkins jobs >>> >>> On Monday, 30 July 2018 17:03:22 UTC+5:30, gil wrote: >>>> >>>> what about writing your job to upload files to s3? >>>> >>>> On Friday, 27 July 2018 14:44:13 UTC+3, seshadri...@gmail.com wrote: >>>>> >>>>> Hi, >>>>> >>>>> My self Jai, >>>>> >>>>> Am currently facing problem with "how to hide aws access key and >>>>> secrete key in S3 plugin while uploading artifacts from jenkins job to >>>>> AWS >>>>> S3 ??? Need help soon, Can any body please?? >>>>> >>>>> >>>>> Thanks and Regards >>>>> Jai >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Jenkins Users" group. >>> >> To unsubscribe from this group and stop receiving emails from it, send an >>> email to jenkinsci-use...@googlegroups.com. >>> >> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/jenkinsci-users/fc046bdc-e7ff-4457-9b16-2ba81f52dafc%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/jenkinsci-users/fc046bdc-e7ff-4457-9b16-2ba81f52dafc%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/596d0ed4-5b36-4b4f-ada4-3b1136b73771n%40googlegroups.com.
