aws

The aws connection can be used to access Amazon Web Services resources.

connection "aws" "my_connection" {
profile = "aws-account-01"
}

Arguments

NameTypeRequired?Description
profileStringOptionalThe AWS Profile to use to obtain connections.
access_keyStringOptionalA static AWS access key to use to authenticate.
secret_keyStringOptionalA static AWS secret key to use to authenticate.
session_tokenStringOptionalA static AWS session token to use to authenticate. This is only used if you specify access_key and secret_key.
ttlNumberOptionalThe time, in seconds, to cache the connections. By default, the AWS connection will be cached for 5 minutes.

All arguments are optional, and an aws connection with no arguments will behave the same as the AWS default connection. You may instead specify exactly one of:

  • profile
  • access_key and secret_key (and optionally session_token)

Attributes (Read-Only)

AttributeTypeDescription
access_keyStringThe AWS access key to use to authenticate. If you specified the access_key arg, then this is the argument value verbatim. If you have specified profile, then this is the resolved temporary access key for that profile.
secret_keyStringThe AWS secret key to use to authenticate. If you specified the secret_key arg, then this is the argument value verbatim. If you have specified profile, then this is the resolved temporary secret key for that profile.
session_tokenStringThe AWS session token to use to authenticate. If you specified the session_token arg, then this is the argument value verbatim. If you have specified profile, then this is the resolved temporary session token for that profile.
envMapA map of the resolved connection-related environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN, AWS_PROFILE)

Default Connection

The AWS connection type includes an implicit, default connection (connection.aws.default) that will be configured using the same mechanism as the AWS CLI (AWS environment variables, default profile, etc); the effective connections of this default are the same as if you run the aws command.

Examples

Static Connections

connection "aws" "aws_static" {
access_key = "ASIAQGDFAKEKGUI5MCEU"
secret_key = "QhLNLGM5MBkXiZm2k2tfake+TduEaCkCdpCSLl6U"
}

AWS Profile

connection "aws" "aws_profile" {
profile = "awx_prod_01"
}

Using AWS Connections in Container Step

pipeline "ex1" {
param "connection" {
type = string
default = "default"
}
step "container" "aws" {
image = "public.ecr.aws/aws-cli/aws-cli"
cmd = [ "s3", "ls" ]
env = connection.aws[param.connection].env
}
}