No valid credential sources found when using profile in provide aws

Rex Zhen

unread,

Aug 29, 2017, 8:27:32 PM8/29/17

to Terraform

This is my ~/.aws/credentials file

[default]

aws_access_key_id = xxxxxxxxxx

aws_secret_access_key = xxxxxxxxxxxx

[ops]

role_arn = arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxx

source_profile = default

This is my terraform file (I tried terraform version v0.10.2 and v0.10.0)

provider "aws" {

profile = "ops"

region = "us-east-1"

shared_credentials_file = "/Users/xxxxx/.aws/credentials"

}

whatever i use the ~/.aws/credentials or full path like above.

I keep getting

Error running plan: 1 error(s) occurred:

No valid credential sources found for AWS Provider.

the default profile works fine. but not the 2nd profile.

google it, some ppl said there was a bug which was fixed month ago.

Anyone can help?

Fernando Miguel

unread,

Aug 30, 2017, 1:44:04 AM8/30/17

to terrafo...@googlegroups.com

I think you need to assume role in your provider.

At least that's how we do

--

Fernando Miguel

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Terraform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to terraform-too...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/394d575d-985d-48f6-85be-7448d42e1261%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Rex Zhen

unread,

Aug 30, 2017, 12:06:41 PM8/30/17

to terrafo...@googlegroups.com

that is tricky. the official doc in terraform is not clear.

it works like this in the provider block

provider "aws" {

profile = "default"

region = "xxxxxxxx"

assume_role {

role_arn = "arn:aws:iam::xxxxxxxxx:role/xxxxxxx"

session_name = "terraform"

}

To unsubscribe from this group and stop receiving emails from it, send an email to terraform-tool+unsubscribe@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/394d575d-985d-48f6-85be-7448d42e1261%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/hashicorp/terraform/issues
IRC: #terraform-tool on Freenode
---

You received this message because you are subscribed to a topic in the Google Groups "Terraform" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/terraform-tool/xNM5A67xYu4/unsubscribe.
To unsubscribe from this group and all its topics, send an email to terraform-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/terraform-tool/533BAA7A-505B-4896-B0ED-149544F3E3EB%40fernandomiguel.net.

Reply all

Reply to author

Forward