Avoid leaking secrets through builds and deployments, have them securely managed external to Bamboo
Link external secret managers
Connect your Bamboo installation with any number of external secret managers. Azure Key Vault, HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager, CyberArk Conjur, Oracle Cloud Vault and Thycotic SS are supported.
Easily reference secrets from variables
Use a custom, compact syntax (%secret-manager-name:secret-path%) to reference external secrets from global, project, plan or environment variables. Use from Bamboo Specs and avoid credential exposure in source control.
Have secrets automatically resolved
Secrets are ad hoc resolved with their respective secret manager, and injected during builds or deployments. Resolved values only exist in memory for as long as needed and are always obfuscated in the logs.
Secret Managers fo Bamboo allows connecting your Bamboo installation with any number of external secret managers. Azure Key Vault, HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager, CyberArk Conjur, Oracle Cloud Vault and Thycotic SS are supported.
Managing your secrets centrally and outside your build infrastructure allows for better security and governance, and will aid with compliance.
Once a connection is defined with a secret manager, an intuitive and compact syntax can be used to reference external secrets from Bamboo variables. As secrets are regular Bamboo variables, the same principle applies to Bamboo Specs as well, avoiding credential exposure in source control.
The plugin additionally provides the following features, vastly enhancing the security profile of your CI/CD pipelines:
Happy to assist via our Support page.
Privacy and security