In my bootstrtap.tf I did:
module "ec2-instance" {
source = "terraform-aws-modules/ec2-instance/aws"
version = "5.6.0"
}
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.16"
}
}
required_version = ">= 1.2.0"
}
provider "aws" {
region = "eu-west-1"
access_key = "XXXXXX"
secret_key = "XXXXXXXXXXX"
}
And I did manage to do:
terraform plan
But if did not want to specify hardcoded credentials therefore I did:
aws configure
And I changed the provider with:
provider "aws" {
region = "eu-west-1"
profile = "default"
}
But I got:
Planning failed. Terraform encountered an error while generating this plan.
╷
│ Error: configuring Terraform AWS Provider: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, decomposing request: net/http: invalid header field value for "Authorization"
│
│ with provider["registry.terraform.io/hashicorp/aws"],
│ on bootstrap.tf line 18, in provider "aws":
│ 18: provider "aws" {
│
It sees that terraform ignores the default aws files despite having the correct credentials. I did try to see whats wrong with the aws cli:
aws configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************X shared-credentials-file
secret_key ****************/XXX shared-credentials-file
And my ~/.aws/config
is:
[default]
region = eu-west-1
output = json
And my aws cli version is:
aws-cli/2.15.17 Python/3.11.6 Linux/5.15.0-94-generic exe/x86_64.linuxmint.21 prompt/off
Therefore why I am unable to use the aws settings file with default profile?
As documentation says the nessesary files do exist:
$ ls -l $HOME/.aws/config
-rw-rw-r-- 1 pcmagas pcmagas 43 Φεβ 15 11:49 /home/pcmagas/.aws/config
$ ls -l $HOME/.aws/credentials
-rw-rw-r-- 1 pcmagas pcmagas 119 Φεβ 6 18:53 /home/pcmagas/.aws/credentials
As asked upon:
$ aws sts get-caller-identity
Unable to parse response (no element found: line 1, column 0), invalid XML received. Further retries may succeed:
b''
The command is unable to parse the response.
2
Answers
When working with Terraform, you’ll want to create a variables.tf file to declare variables for credentials:
Next, update your providers.tf file (or in your case, bootstrtap.tf):
To pass values to these variables, you have options like:
1- Via .tfvars file: Although I do not recommend it, you can pass variables via a .tfvars file. If the file is not in the root directory, you can use the following command:
2- Via Environment Variables: You can set environment variables for your variables like so:
export TF_VAR_=xxxxx
in your case:
Then, run terraform plan. It will read the credentials with no extra flags.
3- CLI: You can pass variables directly via the CLI like this:
Choose the method that best suits your workflow and security requirements.
I’m facing similar issue.
code in image doesnt work in my windows machine.
Not only this file, I have created almost 20 – 30 files.
Most files doesnt work in my host machine but same works in linux ec2 instance.
error – in next ss.