Environment: Github Actions
Authentication: configure-aws-credentials action, using OIDC.
Terraform AWS Provider: >= 4
The Context
We want to use a named AWS profile for convenience in our local environments, but the named profile doesn't exist in our CI/CD pipelines, and we can't create it there (the necessary location isn't writable).
The Issue
The V3 AWS Provider for Terraform would gracefully fall back in an attempt to find valid AWS credentials when it couldn't find credentials for a named profile.
The V4 AWS Provider does not. Instead of following the AWS-CLI workflow for locating credentials, the V4 provider halts and returns an error:
error configuring Terraform AWS Provider: failed to get shared config profile, XYZ
The Resolution
We set the profile dynamically in our Terraform code:
- Create a new variable. Make it a bool, with a default of false. I called mine "pipeline".
- Modify your provider's profile. If we're in a pipeline, set the profile to "". Otherwise, you can set it to whatever value you had before.
Top comments (0)