AWS Authentication
Configure AWS credentials for Terraform to create resources. Choose the method that fits your setup.
Option A: AWS CLI Profile (Recommended for Local Development)
# Configure a named profile
aws configure --profile internal-scanning
# You'll be prompted for:
# - AWS Access Key ID
# - AWS Secret Access Key
# - Default region (e.g., eu-west-1)
# - Default output format (json)
# Set the profile for your session
export AWS_PROFILE=internal-scanning
# Verify access
aws sts get-caller-identityOption B: Environment Variables
export AWS_ACCESS_KEY_ID="your-access-key"
export AWS_SECRET_ACCESS_KEY="your-secret-key"
export AWS_REGION="eu-west-1"
# Verify access
aws sts get-caller-identityOption C: AWS SSO (Recommended for Organizations)
If your organization uses AWS IAM Identity Center (SSO):
# Configure SSO
aws configure sso
# You'll be prompted for:
# - SSO start URL (e.g., https://your-org.awsapps.com/start)
# - SSO region
# - Account and role to use
# Login to SSO
aws sso login --profile your-sso-profile
# Set the profile
export AWS_PROFILE=your-sso-profile
# Verify access
aws sts get-caller-identityOption D: IAM Role (for CI/CD Pipelines)
For automated deployments, use an IAM role with the necessary permissions. Configure your CI/CD platform to assume the role.
Verify Credentials
Regardless of method, always verify your credentials before proceeding:
# Should return your account ID, user/role ARN
aws sts get-caller-identity
# Expected output:
# {
# "UserId": "AIDAXXXXXXXXXXXXXXXXX",
# "Account": "123456789012",
# "Arn": "arn:aws:iam::123456789012:user/your-user"
# }Next Steps
Once authenticated, continue with the Terraform deployment guide.
Last updated on