During the afterinstall step of a AWS application code deployment, I would like to install something as a Windows local services. I am using nssm to do so, but at some point I need to install the service using the local administrator account. Unfortunately, I cannot find a way to get the Windows password in an environment variable or using the command line in an automated way. Any idea ?
Thanks ! Emmanuel
We have solved the problem of securing Windows and related application credentials for use in install/automated processes by securing a properties file on S3, then downloading and parsing that file at instance launch time, or later in a CodeDeploy life-cycle hook.
For example in an S3 bucket called s3://credentials-example-com/example.properties :
WindowsAdminPassword=testing
You can download parse it as needed. In this example, I parse all the values to environment variables:
@echo off
rem Get credentials file from S3 and parse
echo Get credentials
if not exist c:\temp mkdir c:\temp
aws s3 cp s3://credentials-example-com/example.properties c:\temp
@echo off
FOR /F "tokens=1,2 delims==" %%G IN (c:\temp\example.properties) DO (
echo.%%G|findstr "#" >nul 2>&1
if errorlevel 1 (
echo Setting %%G
setx /m example_%%G %%H
set example_%%G=%%H
)
)
echo Done
There may be security implications if you parse the Windows admin password into the environment using SETX
- but for your purposes if you use a simple SET
the variable will only persist with the existing shell.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.