How to use AWS Secrets Manager as Credentials Backend


We are trying to use aws secrets manager and are unsure about how to properly name the keys in ASM and then reference them back in the pipeline definition.

We have a secret in ASM with the key /concourse/my-team/
In the pipeline we reference the secret like this:

aws-secret-access-key: ((

When we run:

fly -t my-team set-pipeline --pipeline "the-pipeline" \
        --config "pipeline.yaml" \
        --non-interactive \

It fails with Expected to find variables: local

May there a problem with the keyname containing dots?

Best, Till


If it tells you Expected to find variables: local, yes, it means it is looking up a variable with that name. You can quickly check your hypothesis (dots not accepted) by using another variable name without dots.


@marco-m we found the code that is actually doing the “split by dot”:

So I guess we just change the var name :wink: