search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
41.63k stars 9.41k forks source link

S3 backend AWS SSO Auth error #34516

Open KaplanAlex opened 5 months ago

KaplanAlex commented 5 months ago

Terraform Version

Terraform v1.6.6
on darwin_arm64

Terraform Configuration Files

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.21"
    }
  }
  backend "s3" {
    profile        = "default"
    bucket         = "<state-bucket>"
    dynamodb_table = "terraform-state-lock"
    key            = "global/terraform.tfstate"
    region         = "us-west-2"
  }

  required_version = ">= 1.2.0, < 2.0.0"
}

provider "aws" {
  profile = "default"
  region  = "us-west-2"
}

# As of 10.17.23 IAM Identity Center is only available in us-east-2
provider "aws" {
  alias   = "east"
  profile = "default"
  region  = "us-east-2"
}

Debug Output

https://gist.github.com/KaplanAlex/e12c170a9600cd01ff519dc491770c6d

Expected Behavior

Terraform should have access to s3 backend through the sso profile.

Actual Behavior

Terraform is not able to access the s3 backend.

Steps to Reproduce

  1. terraform init

Additional Context

The cache file it's looking for does not exist. There are valid credentials in other cache files and other aws cli commands work (e.g. aws s3 ls). How does terraform determine the location of the cache file to find?

References

Appears similar to https://github.com/hashicorp/terraform/issues/34248 but proposed resolutions did not work.

crw commented 5 months ago

Thanks for the report!