Credential

Creates a credential dynamically within a pipeline run. This module is useful for importing credentials from external systems, such as key stores, vaults, and CMDBs.

Object Representation (YAML)

id: String
name: String
type: String
depends: [String]
tags: [String]
condition: Boolean
each: Array
verbosity: String
ignore_errors: Boolean
properties:
  id: String
  type: String
  text: String
  username: String
  password: String
  private_key: String
  token: String
  subscription_id: String
  domain: String
  tenant_id: String
  client_id: String
  client_key: String
  json: String
  access_key: String
  secret_key: String
  role_id: String
  secret_id: String

Fields

PropertyDetails
id *

String

A unique identifier for the step.

Can contain hyphens and underscores, but not spaces.

name *

String

A friendly name for the step. This name will appear in the pipeline designer and run output.

type *

String

The type of the step. Can be pipeline or a step module type.

depends[]

[String]

A list of dependencies of this step.

This step will not be executed until all steps with ids in this list are finished executing.

tags[]

[String]

Tags are used to group related steps. Steps with the same tag can be retrieved using the findStepsByTag() helper function.

Can contain hyphens and underscores, but not spaces.

condition

Boolean

An expression which is evaluated before the step executes. If it evaluates to false, the step will be skipped. The step.result.status field will be "Skipped".

each

Array

An array of elements to execute the step once for each of them.

verbosity

String

Step event verbosity. Determines how much information about step execution is sent back to the application.

ignore_errors

Boolean

If true, errors in the step module will not halt pipeline execution, and subsequent steps will still be executed. The step.result.status field will be "Failed" if the step encounters an error.

properties.id *

String

The ID of the new credential.

properties.type *

String

The credential type. Should be one of generic, username_password, ssh_key, bearer_token, api_token, azure_service_principal, google_service_account, aws_access_key, vault_app_role.

properties.text

String

The generic secret text. Only applies to generic credential types.

properties.username

String

The username of the username/password credential. Only applies to username_password credential types.

properties.password

String

The password of the username/password credential. Only applies to username_password credential types.

properties.private_key

String

The SSH private key content. Must be provided in PEM-encoded RSA format. Only applies to private_key credential types.

properties.token

String

The bearer token content. Only applies to bearer_token credential types.

properties.subscription_id

String

The ID of the Azure subscription which contains the service principal. Only applies to azure_service_principal credential types.

properties.domain

String

The Azure Active Directory domain name associated with the service principal. Only applies to azure_service_principal credential types.

properties.tenant_id

String

The Azure Active Directory tenant ID associated with the service principal. Only applies to azure_service_principal credential types.

properties.client_id

String

The Azure service principal Application (Client) ID. Only applies to azure_service_principal credential types.

properties.client_key

String

The Azure service principal client secret. Only applies to azure_service_principal credential types.

properties.json

String

The downloaded JSON credential content for the GCP service account. Only applies to google_service_account credential types.

properties.access_key

String

The AWS IAM access key ID. Only applies to aws_access_key credential types.

properties.secret_key

String

The AWS IAM secret access key. Only applies to aws_access_key credential types.

properties.role_id

String

Role ID of an existing AppRole. An "AppRole" represents a set of Vault policies and login constraints that must be met to receive a token with those policies.

properties.secret_id

String

Secret ID attached to the role.

Result Fields

The following are the step execution result fields available at steps.<step id>.result after a step executes.

KeyDetails
result.status

String

A string indicating the step execution status. Can be Succeeded, Failed, or Skipped.