
Terraform Invalid provider configuration trying to use AWS provider with two regions


I'm trying to set up an AWS environment that requires two regions. I have the following provider file:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.50.0"
      configuration_aliases = [ aws.main, aws.dr ]
    }
  }
}

provider "aws" {
  alias                    = "main"
  region                   = var.main_region
  shared_config_files      = ["~/.aws/config"]
  shared_credentials_files = ["~/.aws/credentials"]
  profile                  = "default"
  allowed_account_ids      = [var.account_id]
}

provider "aws" {
  alias                    = "dr"
  region                   = var.dr_region
  shared_config_files      = ["~/.aws/config"]
  shared_credentials_files = ["~/.aws/credentials"]
  profile                  = "default"
  allowed_account_ids      = [var.account_id]
}

I can do a 'terraform init' just fine, but when I try to plan, I am getting the following error messages:

╷
│ Error: Invalid provider configuration
│
│ Provider "registry.terraform.io/hashicorp/aws" requires explicit configuration. Add a provider block to the root module and configure the provider's required arguments as described in the provider documentation.
│
╵
╷
│ Error: No valid credential sources found
│
│   with provider["registry.terraform.io/hashicorp/aws"],
│   on <empty> line 0:
│   (source code not available)
│
│ Please see https://registry.terraform.io/providers/hashicorp/aws
│ for more information about providing credentials.
│
│ Error: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, exceeded maximum number of attempts, 3, request send failed, Get "http://169.254.169.254/latest/meta-data/iam/security-credentials/": dial tcp 169.254.169.254:80: connectex: A socket  
│ operation was attempted to an unreachable network.

I have all of my Terraform code in the same directory and am not moduling out anything. I am on a Windows 11 box with Terraform v.1.8.3 on the command line.

I've tried following the documentation, and the variables are all defined and the paths to my files seem correct. I've even tried using backslashes for the Windows file path, but I get the same error. A simple 'aws s3 ls --profile default' works from the command line. Not sure what I'm missing to get this to work.


Solution

  • It looks like you need at least one default provider, that is to say, one that does not have an alias. From the Terraform documentation:

    If every explicit configuration of a provider has an alias, Terraform uses the implied empty configuration as that provider's default configuration. (If the provider has any required configuration arguments, Terraform will raise an error when resources default to the empty configuration.)

    Therefore, my providers.tf file now looks like this (main alias removed):

    terraform {
      required_providers {
        aws = {
          source  = "hashicorp/aws"
          version = "5.50.0"
          configuration_aliases = [ aws, aws.dr ]
        }
      }
    }
    
    provider "aws" {
      region                   = var.main_region
      shared_config_files      = ["~/.aws/config"]
      shared_credentials_files = ["~/.aws/credentials"]
      profile                  = "default"
      allowed_account_ids      = [var.account_id]
    }

    provider "aws" {
      alias                    = "dr"
      region                   = var.dr_region
      shared_config_files      = ["~/.aws/config"]
      shared_credentials_files = ["~/.aws/credentials"]
      profile                  = "default"
      allowed_account_ids      = [var.account_id]
    }
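
How resources select between the two configurations, as an added example that is not part of the original question or answer. It assumes the providers.tf from the answer (a default "aws" block plus the "dr" alias); the bucket names, data source labels and output name are constructed placeholders.

```hcl
# Added example; bucket names are constructed placeholders.
# Assumes the providers.tf from the answer: a default "aws" block plus alias "dr".

# No provider meta-argument: Terraform uses the default (un-aliased) "aws"
# configuration. With the question's original file, where both blocks were
# aliased, every resource and data source written like this resolved to the
# implied empty configuration unless it set `provider = aws.main`.
resource "aws_s3_bucket" "primary" {
  bucket = "example-primary-placeholder"
}

# Explicitly bound to the aliased configuration for the second region.
resource "aws_s3_bucket" "replica" {
  provider = aws.dr
  bucket   = "example-replica-placeholder"
}

# Read back the account and region each configuration actually resolved to.
data "aws_caller_identity" "main" {}
data "aws_region" "main" {}

data "aws_caller_identity" "dr" {
  provider = aws.dr
}
data "aws_region" "dr" {
  provider = aws.dr
}

output "provider_bindings" {
  value = {
    main = {
      account_id = data.aws_caller_identity.main.account_id
      region     = data.aws_region.main.name
    }
    dr = {
      account_id = data.aws_caller_identity.dr.account_id
      region     = data.aws_region.dr.name
    }
  }
}
```

The `provider_bindings` output lets you confirm that both configurations resolve to the account pinned by `allowed_account_ids` and to the intended regions.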