I have the following:
environment variables defined in Terraform Cloud:
| Variables | Value |
|---|---|
| TFC_AWS_PROVIDER_AUTH | true |
| TFC_AWS_PROVIDER_AUTH_DEV | true |
| TFC_AWS_RUN_ROLE_ARN | arn:aws:iam::accountA:role/TerraformCloudIntegrationRole |
| TFC_AWS_RUN_ROLE_ARN_DEV | arn:aws:iam::accountB:role/TerraformCloudIntegrationRole |
providers.tf
terraform {
required_version = "~> 1.8.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.49.0"
}
}
}
provider "aws" {
shared_config_files = [var.tfc_aws_dynamic_credentials.default.shared_config_file]
region = var.region
}
provider "aws" {
alias = "dev"
shared_config_files = [var.tfc_aws_dynamic_credentials.aliases["DEV"].shared_config_file]
region = var.region
}
and in my main.tf
module "route53_records" {
source = "app.terraform.io/account-name/route53/aws//modules/records"
version = "~> 2.11"
providers = {
aws = aws.dev
}
zone_id = local.zone_id
records = [
{
name = "api-${module.label.stage}" # a.k.a. environment
type = "A"
alias = {
name = module.alb.dns_name
zone_id = module.alb.zone_id
}
}
]
}
running plan doesn’t produce any error but when I apply it, it uses the default provider instead of the alias, aws.dev, which doesn’t have access to the account where it’s supposed be created. What am I doing wrong or missing here? Thanks in advance!
1 post - 1 participant