Configuration as Code AWS SSM secrets

Jenkins plugin for getting secrets from AWS parameter store when using Jenkins Configuration as Code plugin.

More information about AWS SSM:

More information about Jenkins Configuration as Code plugin:


Install plugin via Jenkins Update Center.

Make sure that Jenkins at least the following IAM permissions:

    "Version": "2012-10-17",
    "Statement": [
            "Effect": "Allow",
            "Action": "ssm:GetParameter",
            "Resource": "arn:aws:ssm:<region>:<account>:parameter/*"

Plugin will try to resolve secrets

- credentials:
  - string:
    id: "cred-id"
    secret: ${filename}

from SSM with name filename.

If a prefix is needed then configure environment variable CASC_SSM_PREFIX. Example: CASC_SSM_PREFIX=jenkins.master.

It will then resolve the example above with name jenkins.master.filename from SSM.

Code has been contributed by Bambora