Octopus allows you to write custom PowerShell scripts that have access to the AWS CLI and the AWS PowerShell modules via the
Run an AWS CLI Script step. In addition, the script is run in an environment that handles authentication by creating the
AWS_DEFAULT_REGION environment variables based on the AWS account that was selected for the step.
The proceeding instructions can be followed to configure the
Run an AWS CLI Script step.
Create an AWS account
The instructions at Creating an AWS Account detail the procedure for creating an account in Octopus.
Create a AWS account project variable
AWS accounts are included in a project through a project variable of the type
Amazon Web Services Account:
Add Variable window is then displayed and lists all the AWS accounts.
Select the account that was created in the previous step to assign it to the variable:
Add AWS script step
Run an AWS CLI Script step to the project, and provide it a name:
Select the variable that references the
Amazon Web Services Account under the
AWS Account section or choose to execute using the service role assigned to the EC2 instance:
The supplied account can optionally be used to assume a different AWS service role. This can be used to run the AWS commands with a role that limits the services that can be affected:
The default AWS region in which to execute AWS CLI commands is defined in the
PowerShell scripts run by the
Run an AWS CLI Script step have access to the AWS CLI executable
aws.exe on the path, as well as having the AWS PowerShell modules imported. In addition the environment variables
AWS_DEFAULT_REGION are configured. The
AWS_SESSION_TOKEN environment variable is also configured if the script was run against an assumed role, or if the AWS service role for the EC2 instance running the script (i.e. the Octopus Server) was used.
This means you can run scripts using a mix of the AWS CLI and PowerShell commands:
# This will write out information on the Get-AWSPowerShellVersion CmdLet. get-command Get-AWSPowerShellVersion | fl * Write-Host "Get caller identity with the AWS CLI" Write-Host "aws sts get-caller-identity" aws sts get-caller-identity Write-Host "Get the version of the Powershell module" Write-Host "Get-AWSPowerShellVersion" Get-AWSPowerShellVersion Write-Host "Get caller identity using the AWS PowerShell modules" Write-Host "Get-STSCallerIdentity" Get-STSCallerIdentity | Select-Object -Property *
Scripts can be run from two different locations: source code added to the step, or a script from a package.
The first option is to add the script source code to the step directly. This is done by selecting the
Source code option, and entering the source code into the text box in the
Script Content section.
The second option is to run a script from a package. This is done by selecting the
Script file inside a package option, selecting the package, and entering the name of the file within the package to run as a PowerShell script.
Need support? We're here to help.