How do I allow EC2 Agent to retrieve Secrets from Secrets Manager when using CodeDeploy?

0

We have an EC2 instance that is running a CodeDeploy agent on Windows Server. I have a PowerShell script that runs as part of the CodeDeploy deployment in an "after-install" script. This script uses the AWS CLI to retrieve secrets and then updates a file in our app. When it tries to run during a deployment, it fails - the script execution times out. If I run the same script from a PowerShell window on the EC2 server, it works fine and only takes a few seconds. How do I configure the CodeDeploy agent on EC2 to have permissions to Secrets Manager?

1 Answer
1

There is a blog that shows how this can be accomplished using the Parameter Store - https://aws.amazon.com/blogs/mt/use-parameter-store-to-securely-access-secrets-and-config-data-in-aws-codedeploy/

AWS
EXPERT
answered 2 years ago
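
An added example, not part of the original question or answer: an after-install hook that logs which IAM principal it runs as and bounds every AWS CLI call, so a credential or network problem shows up as a fast, logged failure rather than a hook timeout. The secret id, region, config path and token are placeholders, and the secret is assumed to be a plain string.

```powershell
# Added example (not from the post). Placeholders below are assumptions.
$ErrorActionPreference = 'Stop'
$SecretId   = 'myapp/prod/db-password'             # placeholder secret id
$Region     = 'us-east-1'                          # placeholder region
$ConfigPath = 'C:\inetpub\myapp\appsettings.json'  # placeholder file to update
$Token      = '__DB_PASSWORD__'                    # placeholder token inside that file

# Bound each CLI call: short connect/read timeouts and few retries.
$env:AWS_MAX_ATTEMPTS = '2'
$cliArgs = @('--region', $Region, '--cli-connect-timeout', '5', '--cli-read-timeout', '10')

function Invoke-Aws {
    param([string[]]$Arguments)
    # Local 'Continue' so stderr from a native command does not throw before
    # the exit code can be inspected (Windows PowerShell 5.1 behaviour).
    $ErrorActionPreference = 'Continue'
    $out = (& aws @Arguments @cliArgs 2>&1 | Out-String).Trim()
    if ($LASTEXITCODE -ne 0) {
        # On failure $out holds the CLI error text, never the secret value.
        throw "aws $($Arguments[0..1] -join ' ') failed (exit $LASTEXITCODE): $out"
    }
    return $out
}

# Record the principal the hook really uses; it runs under the agent's
# service account, not the interactive session used for manual testing.
$arn = Invoke-Aws @('sts', 'get-caller-identity', '--query', 'Arn', '--output', 'text')
Write-Host "Hook running as: $arn"

$secret = Invoke-Aws @('secretsmanager', 'get-secret-value', '--secret-id', $SecretId,
                       '--query', 'SecretString', '--output', 'text')

# Substitute the token; fail loudly if the file is not in the expected state.
$content = Get-Content -Path $ConfigPath -Raw
if (-not $content.Contains($Token)) { throw "Token $Token not found in $ConfigPath" }
Set-Content -Path $ConfigPath -Value $content.Replace($Token, $secret) -NoNewline
Write-Host "Updated $ConfigPath (secret value not logged)"
```

The role attached to the instance profile needs `secretsmanager:GetSecretValue` on that specific secret, scoped to its ARN rather than `*`.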
