I cannot for the life of me get this to work. I need to have the AWS_PROFILE
environment variable set to get terragrunt to run properly. If I run:
export AWS_PROFILE=myprofile; terragrunt plan
That will work, but that's not what I'm after I want to just run:
terragrunt plan
and have that auto choose the correct aws profile I should be using. Here is what I have:
generate "provider" {
path = "provider.tf"
if_exists = "overwrite_terragrunt"
contents = <<EOF
provider "aws" {
region = "${local.region}"
profile = "${trimspace(run_cmd("bash", "${get_parent_terragrunt_dir()}/../../set_profile.sh",local.profile))}"
}
EOF
}
remote_state {
backend = "s3"
generate = {
path = "backend.tf"
if_exists = "overwrite"
}
config = {
...
...
region = local.region
profile = local.profile
...
...
}
}
It always throws the error on me:
Error finding AWS credentials (did you set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables?): NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
The set_profile.sh
script is the following:
#!/bin/bash
VALUE=$(echo $1 | sed $'s/\r//')
export AWS_PROFILE=$VALUE
echo "$AWS_PROFILE"
If I echo out my AWS_PROFILE
it's still blank. So it's like the run command isn't actually saving the export value to my console.
What am I doing wrong? Has anyone actually successfully been able to dynamically set their AWS_PROFILE
with terragrunt?
That's my solution. I have the following structure:
<project>
|-- <region1>
|-- <region2>
|-- account.hcl
terragrunt.hcl
In account.hcl
locals {
aws_profile_name = "myprofile"
}
In main terragrunt.hcl
locals {
# Automatically load account-level variables
account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
aws_profile = local.account_vars.locals.aws_profile_name
}
terraform {
extra_arguments "aws_profile" {
commands = [
"init",
"apply",
"refresh",
"import",
"plan",
"taint",
"untaint"
]
env_vars = {
AWS_PROFILE = "${local.aws_profile}"
}
}
}
remote_state {
...
config = {
...
profile = "${local.aws_profile}"
}
}
generate "provider" {
...
contents
contents = <<EOF
provider "aws" {
profile = "${local.aws_profile}"
}
EOF
}
...