I have a Serverless framework application. I am creating my buildspec.yml to have codeBuild to run my jest test and after passing the test deploying my application. This is my buildspec.yml:
version: 0.2
phases:
install:
runtime-versions:
nodejs: 12
commands:
- npm install -g serverless
- npm install -g serverless-plugin-log-retention
pre_build:
commands:
- npm install -g jest
- echo aaa
- echo bbb
- export AWS_ACCESS_KEY_ID=aaa
- export AWS_SECRET_ACCESS_KEY=bbb
build:
commands:
- jest
post_build:
commands:
- serverless deploy
How can I set my AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY without having them in plain text on the code? I thought about using secrets manager, but I dont know if thats the best practice.
I use this variables for the action
serverles deploy
As far as I know I need a profile to make the deployment