Amazon Web Services integration

Amazon integrations the most popular type of integrations in Buddy. We are currently supporting 10 AWS integrations and constantly add more depending on community feedback.

Thanks to our predefined actions, you can create a pipeline that will, for example, automatically upload your repository files to the selected S3 bucket, run tests with a Lambda function, and purge your CloudFront cache while registering a new task definition with AWS ECS:

Pipeline example

Buddy is a pipeline delivery automation tool that integrates with Amazon services. If you've never used Buddy before, this article will show you the ropes.

Setting up AWS integration

Integrating Buddy with AWS can be performed in two ways: with Access & Secret keys, or by assuming a role with permissions to Buddy in the Amazon account.

For maximum security, we recommend delegating permissions with a role from the AWS console.

Delegate role

  1. Log in to your AWS account and go to IAMRoles.

  2. Click Create role:

  3. Select Another AWS account as the type of trusted entity and set the Account ID to:

    056014222594

    For additional security, check Require external ID. Make sure to remember the secret as we are going to use it shortly.

  4. Click Next: Permissions to proceed.

  5. Select the policies that you want to assign to Buddy:

    The full list of policies required by Buddy to work with AWS services is available here.

  6. Click Next: Tags to proceed.

  7. (Optional) Add IAM tags to your role if your workflow requires it:

  8. Click Next: Review to proceed.

  9. Check if everything is okay and click Create role to finish configuration. Make sure to copy the Role ARN:

  10. Go back to Buddy and choose the desired AWS action from the Amazon Web Services section: Amazon Web Services actions

  11. Configure your AWS integration:

    • enter the name of your integration
    • paste the Role ARN and External ID from the AWS console Adding AWS integration

Access & Secret keys

  1. Log in to your AWS account and go to IAMUsers.

  2. Click Add a new user and fill in the details. Make sure to check the Programmatic access type.

  3. Depending on what service you use on the permissions page switch to Attach existing policies directly and check proper policies.

    Click here for the list of policies that need to be checked in order to make Buddy work properly with the AWS services.

  4. Once the user is created, switch to the Security credentials tab and create an Access Key: Security credentials tab

  5. A pop-up will appear. Make sure to copy the Access key and Secret key: Creating access key

  6. Go back to Buddy and choose the desired AWS action from the Amazon Web Services section: Amazon Web Services actions

  7. Configure your AWS integration:

    • enter the name of your integration

    • paste the Access and Secret keys that you copied from the AWS console Adding AWS integration

      If you want Buddy to assume your delegated role upon logging with the keys, you can provide the role's ARN and External ID.

      Role assumption in key-based integration

  8. Configure the action details. When ready, click Add this action to finish configuration.

If you want to add, edit or delete yet another AWS integration, have a look at this article.