Use env variable in artifact block


I pushed a Docker image on s3 and I would like to download this one with the artifact block to run my container.

I try to use env variable (AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY) stored in Vault to authenticate on s3 but it seems that it’s not working.

failed to download artifact "s3::https://xxxxxxxxxxxxx": NoCredentialProviders: no valid providers in chain caused by: EnvAccessKeyNotFound: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY not found in environment SharedCredsLoad: failed to load shared credentials file caused by: FailedRead: unable to open file caused by: open /root/.aws/credentials: no such file or directory EmptyEC2RoleList: empty EC2 Role list

I think it’s not very safe to put the credentials directly in the job.

Do you have a solution ?

Thank you for your help


Have you ever found a solution for this?

Hello @vvarga ,

No sorry :face_with_diagonal_mouth:

If you check the systemd service file for nomad you can see it will pull environment variables from “/etc/nomad.d/nomad.env”

[root@xxxxx ~]# grep Environment /usr/lib/systemd/system/nomad.service

If you set the AWS access id, and secret key there, it works with AWS S3,
but doesn’t work with an on-prem s3 compatible object storage.