Secure token storage

Now, we are going to store our token in AWS Secrets Manager for protection and seamless integration with other AWS services. We will need this in subsequet steps where we automate the build process using AWS CodeBuild and depend on passing this token. To do so we will run through a couple of steps that may seem redundant, but makes it easier to copy and paste stuff.

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

AWS Systems Manager also provides secure, hierarchical storage for configuration data management and secrets management through its parameter store.

First, let’s assign the value of the token we copied to our clipboard to a local environment variable on our Cloud9 IDE. At the prompt, set TempToken= and paste the token you copied to your clipboard using Command-V or CTRL-V so that it looks similar to this:

TempToken=UC2RDeQalishTxClTywI5218

Next, run the following command:

aws secretsmanager create-secret \
--name "AtlassianAPIToken" \
--description "Atlassian API Token" \
--secret-string "$TempToken"

If successful, you should see output similar to what’s below:

{
    "VersionId": "f8a8fed6-05cd-41f3-aa1c-8fb9c0684873", 
    "Name": "AtlassianAPIToken", 
    "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:AtlassianAPIToken-mf8rZW"
}

Next, let’s set our Atlassian username to a local environment variable. At the prompt, set TempUser= and provide the email address associated with your Atlassian account so that it looks similar to this:

TempUser=me@company.com

Next, simply run the following command:

aws secretsmanager create-secret \
--name "AtlassianAPIUser" \
--description "Atlassian API User" \
--secret-string "$TempUser"

If successful, you should see output similar to what’s below:

{
    "VersionId": "033ff5f3-967f-4642-b206-01d39aca575d",
    "Name": "AtlassianAPIUser",
    "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:AtlassianAPIUser-pMXi9h"
}