I'll update later, but for now...
$ terraform --version
Terraform v0.12.17
+ provider.aws v3.23.0
I have an AWS profile set in my ./aws/credentials and ~/.aws/config files, like so...
~/.aws/credentials
[default]
aws_access_key_id=****
aws_secret_access_key=****
[myprofile]
aws_access_key_id=****
aws_secret_access_key=****
~/.aws/config
[default]
region=us-east-1
output=json
[profile myprofile]
region=us-east-1
output=json
In my Terraform plan, I have
provider "aws" {
  region  = "us-east-1"
  profile = "myprofile"
}

terraform {
  required_version = ">= 0.12.17, < 0.13"
}

resource "aws_vpc" "vpc" {
  cidr_block = "10.123.123.0/24"
  tags = {
    Name = "test_vpc"
  }
}

output "vpc_id" {
  value = aws_vpc.vpc.id
}
And I have a plan that creates a VPC, so I do
$ export AWS_PROFILE=myprofile
$ terraform apply
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Outputs:
module_vpc_id = vpc-123456abced
As you can see the plan creates the VPC, however, the VPC doesn't get created in the myprofile account but in the default account. I know so because 1) I don't see it in the myprofile account, and 2) when I destroy the plan, it shows the owner_id as the default account number. Why?
Update: Note if I add the access_key and secret_key key/value pairs in my provider {} block, it creates the VPC in the correct account. Of course I don't wanna do this, but just wanted to prove that the script indeed works with the myprofile account.
Update: Note the following commands return nothing (blanks)
$ echo $AWS_ACCESS_KEY_ID
$ echo $AWS_SECRET_ACCESS_KEY
and running env doesn't show those variables.
profile is third in priority, behind ENV variables and static credentials. Can you verify that you don't have any ENV variables set when you try to use profile? – Marcin
echo $AWS_ACCESS_KEY_ID and echo $AWS_SECRET_ACCESS_KEY return nothing. – Chris F
AWS_PROFILE? – Marcin
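Marcin's comment places profile behind environment variables and static credentials. The sketch below is an added example, not code from the post or from the Terraform AWS provider: it resolves which credential source would be used, assuming the order provider-block keys, then environment keys, then the profile in the shared credentials file. The function names, the dict input shape and the sample keys are constructed for illustration.

```python
import configparser

# Constructed stand-in for ~/.aws/credentials, same layout as the question; keys are fake.
SAMPLE_CREDENTIALS = """\
[default]
aws_access_key_id=AKIAEXAMPLEDEFAULT00
aws_secret_access_key=constructed-default-secret
[myprofile]
aws_access_key_id=AKIAEXAMPLEMYPROF000
aws_secret_access_key=constructed-myprofile-secret
"""

def load_profiles(credentials_text):
    """Parse shared-credentials text into {profile: {key: value}}."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(credentials_text)
    return {name: dict(parser[name]) for name in parser.sections()}

def resolve_source(provider, env, profiles):
    """Return (source, access_key_id) for the credentials that would be used.

    provider: arguments of the provider "aws" block as a dict (hypothetical shape).
    Assumed order: provider-block keys, then environment keys, then the profile.
    """
    if provider.get("access_key") and provider.get("secret_key"):
        return "provider block", provider["access_key"]
    if env.get("AWS_ACCESS_KEY_ID") and env.get("AWS_SECRET_ACCESS_KEY"):
        return "environment", env["AWS_ACCESS_KEY_ID"]
    # The profile argument wins over AWS_PROFILE; "default" is the fallback name.
    name = provider.get("profile") or env.get("AWS_PROFILE") or "default"
    if name not in profiles:
        # Choice made for this sketch: fail loudly instead of falling back silently.
        raise LookupError(f"profile {name!r} not found in credentials file")
    return f"profile {name}", profiles[name]["aws_access_key_id"]

def mask(key_id):
    """Show only the last four characters so the output is safe to paste."""
    return "*" * (len(key_id) - 4) + key_id[-4:]

if __name__ == "__main__":
    profiles = load_profiles(SAMPLE_CREDENTIALS)
    # The question's setup: profile in the provider block, AWS_PROFILE exported, no key variables.
    provider = {"region": "us-east-1", "profile": "myprofile"}
    source, key_id = resolve_source(provider, {"AWS_PROFILE": "myprofile"}, profiles)
    print(source, mask(key_id))
```

Running aws sts get-caller-identity --profile myprofile shows the account number the profile's keys belong to, which can be compared with the owner_id Terraform reports.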