Skip to content

AwsSecrets does not propagate correctly to Terraform

There are two cases that needs to be checked:

  • S3 backend
  • Use of AWS provider

When AwsSecrets are defined and then tied to both a source set and S3 backend, it seems that the following env vars are not propagated, even when they are set in AwsSecrets.

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SHARED_CREDENTIALS_FILE

It is possible that the way AWS_PROFILE is propagated might be incorrect, but it is the only one that currently works.

NOTE: It is also possible the same applied for AWS_CONFIG_FILE, but that has not been tested.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information