AWSCLI Profiles

I’ve been creating a config to prompt me for which awscli profile I want to use before doing a plan. I have the configs in place and it works perfectly.

The thing I want to know is if there is a way to still allow for getting the temp creds from aws and pasting them in to bypass the prompt? Right now I would think regardless if I paste temp creds into my terminal, it’s going to prompt which profile to use. 95% of the time I’m going to want to use my profile, but I hate limiting myself to not being able to just paste the creds in if I need to.

Looking forward to any ideas :slight_smile: Thanks in advance

Hi @aricwilisch,

The input prompts produced by Terraform itself are mainly there to help new Terraform users get started with an incomplete configuration, and aren’t really intended for ongoing use as a primarily workflow. As a result, the customization ability for those is very limited.

The recommended way to use the AWS provider for “real” use is to configure your credentials the same way as you would for the aws CLI – commonly, using profiles in the credentials file as you’ve done here – and then use the standard AWS environment variables to either select a profile (using AWS_PROFILE) or provide credentials directly (using AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY). In all such cases, Terraform should not produce any interactive prompts at all because it should be obtaining the required settings either directly from the configuration or in from the surrounding environment.

That way Terraform can be used in any context where the AWS CLI is properly configured, including non-interactive contexts like automation. Automation is a common end-state for organizations using Terraform in production, e.g. to ensure that an entire team can run Terraform in a consistent way in a single location, so I’d recommend constructing your system with that in mind even if you intend to run Terraform directly from a CLI prompt for now.