2

I have a Linux server that is not hosted by AWS. Now, I want to use AWS CodePipeline and CodeBuild to build my CI/CD workflow. During the build phase with CodeBuild, I wan't to transfer the build result files to my remote Linux server. I know I can do this using scp <source> <destination> over SSH. But I don't know how to store the SSH keys in CodeBuild. Is this possible?

1 Answers1

3

Yes it is possible.

You keep the secret (SSH private key) in AWS Secrets Manager or Parameter Store. CodeBuild has native support to fetch these secrets safely and they will never be echoed anywhere. See this StackOverflow response: How to retrieve Secret Manager data in buildspec.yaml

shariqmaws
  • 8,152
  • 1
  • 16
  • 35