Error configuring Terraform AWS Provider: failed to get shared config profile

Hello,

I am trying to migrate to Terraform Cloud, but I am getting this error whenever I run terraform apply:

Error: error configuring Terraform AWS Provider: failed to get shared config profile, terraform

Below is my current provider setup and environment variables

provider "aws" {
  profile = "terraform"
  region  = "us-east-1"
}

provider "aws" {
  profile = "terraform"
  region  = "eu-west-1"
  alias   = "eu"
}

My shared configuration and credentials files are stored in the default location ($HOME/.aws/config and $HOME/.aws/credentials). I have tried explicitly specifying the locations of these files, but I still got the same error.

Any guidance would be much appreciated!

image1523×284 22.9 KB

Hi @awsynkoo_terraform,

It sounds like you are running your Terraform operation remotely in Terraform Cloud, using the remote operations feature.

When you do that, Terraform is running in a remote server which has no access to the files on your local computer except for the content of your current working directory, which Terraform CLI uploads to Terraform Cloud to allow running the operation.

There are two main options for you at this point:

• Remove the profile = "terraform" setting from your configuration and configure credentials for the remote operations to use as environment variables in the Terraform Cloud workspace settings. This means that all remote runs in Terraform Cloud will use a fixed set of credentials and you will no longer need local credentials on your computer.
• Disable remote operations for this workspace, which will then return to a similar usage pattern as before you used Terraform Cloud where the Terraform operations run on your local computer only, and therefore have access to your local credentials. In this case you don’t need to configure any environment variables in Terraform Cloud (as they are only for remote operations) but each person who runs Terraform CLI on their own computer will need to configure credentials locally first.

@apparentlymart, thank you so much for your clear and detailed explanation. In addition to removing the profile = "terraform" setting from my local configuration, I also had to delete the environment variable AWS_PROFILE in Terraform Cloud to make it work. I’m guessing when I store AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID in Terraform Cloud, they are no longer associated with the profile name? Anyways, I am glad that it worked! Thank you for your help.

Indeed… profile names are only significant when you have a credentials file in your home directory which contains multiple named profiles with different credentials.

In Terraform Cloud there is no credentials file and so the environment variables are the only source of credentials, so there are no named profiles to select from.