aws: re-introduce support for AWS_SECURITY_TOKEN #1785
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Do you know that this variable name is deprecated? |
|
I understand there is a new standard way for AWS environment variables. For previous versions of terraform, AWS_SECURITY_TOKEN was documented as the variable for session tokens. |
|
I agree that despite deprecation, Terraform should support all old and new. |
|
(Its just a free trade for support, it doesn't cost us anything and it makes the UX better for users that still use the old value) |
mitchellh
added a commit
that referenced
this pull request
May 4, 2015
aws: re-introduce support for AWS_SECURITY_TOKEN
catsby
pushed a commit
that referenced
this pull request
Sep 13, 2016
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: #1785) Example ENV: ``` AWS_SECURITY_TOKEN="FQo...vgU=" AWS_ACCESS_KEY_ID="A...A" AWS_SECRET_ACCESS_KEY="I...t" AWS_DEFAULT_REGION="eu-west-1" ``` This errors with messages akin to "AWS was not able to validate the provided access credentials". Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: https://github.com/hashicorp/terraform/blob/d1ac7d3b2e1be2f32092275340f33a2d73f7b31a/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go#L69, making this whole thing a documentation change. Happy to provide test cases or additional insights though!
catsby
pushed a commit
that referenced
this pull request
Sep 13, 2016
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: #1785) Example ENV: ``` AWS_SECURITY_TOKEN="FQo...vgU=" AWS_ACCESS_KEY_ID="A...A" AWS_SECRET_ACCESS_KEY="I...t" AWS_DEFAULT_REGION="eu-west-1" ``` This errors with messages akin to "AWS was not able to validate the provided access credentials". Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: https://github.com/hashicorp/terraform/blob/d1ac7d3b2e1be2f32092275340f33a2d73f7b31a/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go#L69, making this whole thing a documentation change. Happy to provide test cases or additional insights though!
grubernaut
pushed a commit
to hashicorp/terraform-provider-aws
that referenced
this pull request
Jun 9, 2017
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: hashicorp/terraform#1785) Example ENV: ``` AWS_SECURITY_TOKEN="FQo...vgU=" AWS_ACCESS_KEY_ID="A...A" AWS_SECRET_ACCESS_KEY="I...t" AWS_DEFAULT_REGION="eu-west-1" ``` This errors with messages akin to "AWS was not able to validate the provided access credentials". Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: https://github.com/hashicorp/terraform/blob/d1ac7d3b2e1be2f32092275340f33a2d73f7b31a/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go#L69, making this whole thing a documentation change. Happy to provide test cases or additional insights though!
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This re-enables support for the AWS_SECURITY_TOKEN environmental variable for AWS session tokens.