ExternalDockerCredentialOptions

class aws_cdk.pipelines.ExternalDockerCredentialOptions(*, assume_role=None, secret_password_field=None, secret_username_field=None, usages=None)

Bases: object

Options for defining credentials for a Docker Credential.

Parameters:

assume_role (Optional[IRole]) – An IAM role to assume prior to accessing the secret. Default: - none. The current execution role will be used.
secret_password_field (Optional[str]) – The name of the JSON field of the secret which contains the secret/password. Default: ‘secret’
secret_username_field (Optional[str]) – The name of the JSON field of the secret which contains the user/login name. Default: ‘username’
usages (Optional[Sequence[DockerCredentialUsage]]) – Defines which stages of the pipeline should be granted access to these credentials. Default: - all relevant stages (synth, self-update, asset publishing) are granted access.

ExampleMetadata:

infused

Example:

# Example automatically generated from non-compiling source. May contain errors.
docker_hub_secret = secretsmanager.Secret.from_secret_complete_arn(self, "DHSecret", "arn:aws:...")
# Only the image asset publishing actions will be granted read access to the secret.
creds = pipelines.DockerCredential.docker_hub(docker_hub_secret, usages=[pipelines.DockerCredentialUsage.ASSET_PUBLISHING])

Attributes

assume_role

An IAM role to assume prior to accessing the secret.

Default:

none. The current execution role will be used.

secret_password_field

The name of the JSON field of the secret which contains the secret/password.

Default:: ‘secret’

secret_username_field

The name of the JSON field of the secret which contains the user/login name.

Default:: ‘username’

usages

Defines which stages of the pipeline should be granted access to these credentials.

Default:

all relevant stages (synth, self-update, asset publishing) are granted access.