In my bootstrap.tf I did:

module "ec2-instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "5.6.0"
}

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}


provider "aws" {
  region  = "eu-west-1"
  access_key = "XXXXXX"
  secret_key = "XXXXXXXXXXX"
}

And I did manage to do:

terraform plan

But I did not want to specify hardcoded credentials, therefore I did:

aws configure

And I changed the provider with:

provider "aws" {
  region  = "eu-west-1"
  profile = "default"
}

But I got:

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: configuring Terraform AWS Provider: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, decomposing request: net/http: invalid header field value for "Authorization"
│ 
│   with provider["registry.terraform.io/hashicorp/aws"],
│   on bootstrap.tf line 18, in provider "aws":
│   18: provider "aws" {
│ 

It seems that Terraform ignores the default AWS files despite having the correct credentials. I did try to see what's wrong with the AWS CLI:

aws configure list
      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************X  shared-credentials-file    
secret_key     ****************/XXX shared-credentials-file    

And my ~/.aws/config is:

[default]
region = eu-west-1
output = json

And my aws cli version is:

aws-cli/2.15.17 Python/3.11.6 Linux/5.15.0-94-generic exe/x86_64.linuxmint.21 prompt/off

Therefore, why am I unable to use the AWS settings file with the default profile?

As the documentation says, the necessary files do exist:

$ ls -l $HOME/.aws/config
-rw-rw-r-- 1 pcmagas pcmagas 43 Φεβ  15 11:49 /home/pcmagas/.aws/config
$ ls -l $HOME/.aws/credentials
-rw-rw-r-- 1 pcmagas pcmagas 119 Φεβ   6 18:53 /home/pcmagas/.aws/credentials

As asked upon:

$ aws sts get-caller-identity

Unable to parse response (no element found: line 1, column 0), invalid XML received. Further retries may succeed:
b''

The command is unable to parse the response.
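A first diagnostic for the `invalid header field value for "Authorization"` error in the question, as an added example that is not part of the original post or of any answer: Go's net/http refuses header values that contain control bytes, and the signed Authorization header embeds the access key ID, so this checks the shared credentials file for such bytes (a stray carriage return, for instance) and for the group/world-readable mode visible in the `ls -l` output. That the credentials file is where the bad byte comes from is an assumption; `audit_credentials`, `demo` and the sample file (AWS's documentation placeholder keys) are constructed for illustration.

```python
import os
import stat
import tempfile

SAMPLE = (  # constructed sample: AWS documentation placeholder keys, CRLF line endings
    b"[default]\r\n"
    b"aws_access_key_id = AKIAIOSFODNN7EXAMPLE\r\n"
    b"aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\r\n"
)

def audit_credentials(path):
    """Return findings for an AWS shared credentials file without echoing secrets."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"mode {mode:04o}: readable beyond the owner, expected 0600")
    with open(path, "rb") as fh:
        raw = fh.read()
    for lineno, line in enumerate(raw.split(b"\n"), start=1):
        if b"=" not in line or line.lstrip().startswith((b"#", b";", b"[")):
            continue
        key, _, value = line.partition(b"=")
        name = key.strip().decode("ascii", "replace")
        # Control bytes (other than tab) make net/http reject the header value.
        # Report byte codes only, never the credential itself.
        bad = sorted({b for b in value.strip(b" \t") if (b < 0x20 and b != 0x09) or b == 0x7F})
        if bad:
            codes = ", ".join(f"0x{b:02x}" for b in bad)
            findings.append(f"line {lineno}: {name} contains control byte(s) {codes}")
        if any(b >= 0x80 for b in value):  # AWS keys are plain ASCII
            findings.append(f"line {lineno}: {name} contains non-ASCII bytes")
    return findings

def demo(data=SAMPLE, mode=0o664):
    """Write sample data with the given mode (0664 as in the question) and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "credentials")
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
        return audit_credentials(path)

if __name__ == "__main__":
    print("\n".join(demo()))
```

Against a real setup, call `audit_credentials(os.path.expanduser("~/.aws/credentials"))`; an empty list means the file is owner-only and its values carry no control or non-ASCII bytes.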

2 Answers


  1. When working with Terraform, you’ll want to create a variables.tf file to declare variables for credentials:

        # Underscores are used in the names so they can also be set through
        # TF_VAR_ environment variables (a shell name cannot contain a hyphen).
        variable "aws_access_key" {
          type      = string
          sensitive = true
        }

        variable "aws_secret_key" {
          type      = string
          sensitive = true
        }

    Next, update your providers.tf file (or in your case, bootstrap.tf):

        terraform {
          required_providers {
            aws = {
              source  = "hashicorp/aws"
              version = "~> 4.16"
            }
          }

          required_version = ">= 1.2.0"
        }

        provider "aws" {
          region     = "eu-west-1"
          access_key = var.aws_access_key
          secret_key = var.aws_secret_key
        }

    To pass values to these variables, you have options like:

    1- Via .tfvars file: Although I do not recommend it, you can pass variables via a .tfvars file. If the file is not in the root directory, you can use the following command:

        terraform plan -var-file="/path/to/variables.tfvars"

    2- Via Environment Variables: You can set environment variables for your variables like so:

        export TF_VAR_<variable_name>=xxxxx

    in your case:

        export TF_VAR_aws_access_key=xxxxx
        export TF_VAR_aws_secret_key=xxxxx

    Then, run terraform plan. It will read the credentials with no extra flags.

    3- CLI: You can pass variables directly via the CLI like this:

        terraform plan -var="aws_access_key=xxxxxx" -var="aws_secret_key=XXXXXX"

    Choose the method that best suits your workflow and security requirements.

  2. I’m facing a similar issue.

    The code in the image doesn't work on my Windows machine.

    Not only this file, I have created almost 20 – 30 files.

    Most files don't work on my host machine, but the same work on a Linux EC2 instance.

    error – in next ss.
