Temporary Security Credentials for AWS

Hello Guys. For programmatic access to AWS , my organisation provides Temporary Security Credentials which are valid for a specific period of time. These credentials include a Access Key ID, Secret Access Key and Session Token. Is there any way I can use these credentials in Octopus Deploy . Right now Octopus provides only Access Key and Secret Key . Could someone help me out with this ?

Hi @Akhil_B, thanks for reaching out.

Accounts in Octopus are not generally created for temporary credentials as the deployments are designed to be repeatable, which is why the AWS account does not have a field for session token. However you may be able to work around this limitation with a few different options.

  1. The AWS steps allow a master account to assume a role, which means any deployment is performed with a temporary token. In the screenshot below you can see an AWS step that has selected the option to assume a role.

  1. If a temporary token must be supplied with each deployment, you can define a prompted variable (https://octopus.com/docs/deployment-process/variables/prompted-variables), and then manually script deployments after setting the appropriate environment variables (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) of AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN.

Matt C