Terraform: can't authenticate to aws provider using shared config file or static variables

1
votes

I'm trying to use terraform to manage AWS resources and trying to set up the credentials configuration. I'm following the official documentation: https://www.terraform.io/docs/providers/aws/index.html

My first idea was set a shared credentials file so I configure it:

  • ~.aws/credentials

    [default]
aws_access_key_id=****
aws_secret_access_key=****

  • ~.aws/config

    [default]
region=us-east-1
output=json

  • app/main.tf

    provider "aws" {
    region = "us-east-1"
    version = "~> 2.0"
    profile = "default"
}

terraform {
    backend "s3" {
        bucket = "example-bucket"
        key    = "terraform-test.tfstate"
        region = "us-east-1"
  }
}

When I run terraform init I receive the following message:

Error: No valid credential sources found for AWS Provider.
        Please see https://terraform.io/docs/providers/aws/index.html for more information on
        providing credentials for the AWS Provider

I have already tested the credentials using aws cli and it's working perfectly.

After that, I tried to configure static credentials in main.tf like this:

provider "aws" {
    region = "us-east-1"
    version = "~> 2.0"
    access_key = "****"
    secret_key = "****"
}

Same error...

I decided to test with environment variables and then it worked. But now I want to know why I could not configure with static variables or shared config file. All this cases was described in the official docs, what am I doing wrong?

3
amazon-web-servicesterraform

3 Answers

1
votes

By terraform documentation, you can specifiy the credentials file by code. example:

provider "aws" {
  region                  = "us-west-2"
  shared_credentials_file = "/Users/tf_user/.aws/creds"
  profile                 = "customprofile"
}

*I'd also make sure that the env variables aren't set (just to ensure that terraform surely looks for the credentials file), as the priority of the credentials that terraform will look for are:

a. Inline acces key and secret key.

b. Environemnt variables

c. Credentials file

0
votes

I've encountered the same issue in the past. The only way I know to get past it is to set the following environment variable before running any terraform commands:

export AWS_SDK_LOAD_CONFIG=true
0
votes

Adding more info for the next person who comes across this.

I tried the same code as the OP, short of putting the creds inline in the tf file.

One of the responses mentioned "env variables".

Ran $ env and saw I had some set.

Ran this to eliminate them:

$ unset AWS_ACCESS_KEY_ID && unset AWS_SECRET_ACCESS_KEY && \
    unset AWS_SESSION_TOKEN && unset AWS_DEFAULT_REGION

This was my problem! Wasted maybe 3 hours of frustration trying to narrow this down.