At the moment, I am using something like below to fetch credentials (from Jenkins Credentials store) and then use it in Pipeline jobs.

withCredentials([string(credentialsId: 'AWS_ACCESS_KEY_ID', variable: 'AWS_ACCESS_KEY_ID'),
string(credentialsId: 'AWS_SECRET_ACCESS_KEY', variable: 'AWS_SECRET_ACCESS_KEY')])

I have a requirement where the password or any other secure string has to be fetched from somewhere else (credstash for example). I can script this out in groovy and get the secret into a variable (say env.MYSECRET), but I am not sure if it is possible to mask this variable MYSECRET.

Can this be done with the latest version of the plugin? If not, can you pls take this as a feature request.