Configure Amazon Simple Storage Service (S3) Artifacts

Learn how to configure Spinnaker to use Amazon S3 as an artifact source.

S3 artifact configuration

The example on this page describes how to reference a Helm chart tarball for later use during deployment.

This is a quick walkthrough of how to configure SpinnakerTM and Armory to access an S3 bucket as a source of artifacts. Many of the configurations below have additional options that may be useful (or possibly required).

Enable S3 artifacts

If you’ve just installed Spinnaker or Armory, you need to enable S3 as an artifact source.

Add the following snippet to SpinnakerService manifest:

apiVersion: spinnaker.armory.io/v1alpha2
kind: SpinnakerService
metadata:
  name: spinnaker
spec:
  spinnakerConfig:  
    config:
      features:
        artifacts: true
      artifacts:
        s3:
          enabled: true

Add S3 account

You only need to configure the S3 credentials as an account – all buckets that account has access to can be referenced after that.

apiVersion: spinnaker.armory.io/v1alpha2
kind: SpinnakerService
metadata:
  name: spinnaker
spec:
  spinnakerConfig:  
    config:
      features:
        artifacts: true
      artifacts:
        s3:
          enabled: true
          accounts:
          - name: my-s3-account
            region: us-west-2 # S3 region
            awsAccessKeyId: ABCDEF01234... # Your AWS Access Key ID. If not provided, Spinnaker will try to find AWS credentials as described at http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default
            awsSecretAccessKey: abc        # Your AWS Secret Key. This field supports "encrypted" secret references

Apply your changes with kubectl -n <spinnaker namespace> apply -f <SpinnakerService manifest>.


Last modified September 5, 2023: (17d76bcd)