In Terraform Cloud it is possible to configure dynamic AWS credentials using OIDC-providers: https://developer.hashicorp.com/terraform/enterprise/workspaces/dynamic-provider-credentials/aws-configuration

For workspaces with multiple AWS provider configurations, TFC would inject variable tfc_aws_dynamic_credentials:

To use it in AWS provider you have to use configuration option shared_config_files:

However, sops provider doesn't have an option of configuring AWS (or any other provider, like GCP or Azure) with shared_config_files option, and so it fails to authenticate and assume the correct role with identity token.

Would it be possible to either bake in some configuration options into provider "sops" {} block, or maybe allow setting environment variables for the provider, like this: