The public key is used to encrypt the AWS credentials that are generated by the admin pipeline. In this section we will see how this key is generated and then how to use the key to encrypt the credentials in the terraform pipeline.
Generating the key-pair¶
- Check if
gpgis installed in your system
- If the above command is running then
gpgis installed in your system.
- Run the below command to generate the full key pair
- You will get certain options that you can configure. For more info: New GPG key
- In the last step you will be prompted for a password in the key pair generation. Keep the password secure.
- Once the keys are generated you can see the keys via the command
- To output the keys in a file (use the
<EMAIL>used to generate the keys)
Using public key to encrypt AWS credentials¶
- We will use the public key generated above to encrypt the AWS credentials.
- We need to take base64 encoding of the public key and then pass it to terraform. The terraform AWS provider takes the public key and encrypt the credentials.
- To generate the base64 encoding run the below command
- Use the above output and pass it in the variable
public_keyin the Step-1
- Although the key is already kept there and we don't need to replace it.