How to configure environment variables in Hashicorp Terraform

Question

I'm quite new to Terraform, though I have gone through all of the instructional modules available on Hashicorp's site.

Currently, I'm struggling with understanding how to set up environment variables. I know how to reference variables in the main.tf config (access_key = "${var.access_key}"), and I know how to save that access key to a separate file and reference that, but what I don't understand (and can't find any documentation/instruction on) is how to set up environment variables so I don't have to save the access key to a file.

Does anyone know how best to go about doing this?

Answer 1

Terraform can infer the following environment variables for AWS

export AWS_ACCESS_KEY_ID="anaccesskey"
export AWS_SECRET_ACCESS_KEY="asecretkey"

Ref: https://www.terraform.io/docs/providers/aws/#environment-variables

But I would suggest trying the AWS Profile. You can add credentials to ~/.aws/credentials file like

[myprofile]
aws_access_key_id     = anaccesskey
aws_secret_access_key = asecretkey

and then you can set environment variable export AWS_PROFILE=myprofile. Now, if you run terraform from this shell, it should pick credentials listed under myprofile.

Also, you can have you AWS Provider code as follows:

provider "aws" {
  profile = "myprofile"
  region  = "${var.region}"
}

In my experience, interacting with AWS using profile is easy and better than setting environment variables on each shell.

You can refer an example here https://github.com/pradeepbhadani/tf-examples/blob/master/ex2/provider.tf

Hope this helps.