Invalid Terraform AWS provider credentials when passing AWS system manager parameter store vatiables

Question

asked Dec 30, 2020 in AWS by devin (5.6k points)

AWS Terraform needs access to a credential for which I used AWS system manager to retrieve access key and secret key within buildspec.yml. But it's giving me invalid credentials:

Error: error configuring Terraform AWS Provider: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
status code: 403, request id: xxxx

Below is the buildspe.yml,

version: 0.2
env:
shell: bash
parameter-store:
TF_VAR_AWS_ACCESS_KEY_ID: TF_AWS_ACCESS_KEY_ID
TF_VAR_AWS_SECRET_ACCESS_KEY: TF_AWS_SECRET_ACCESS_KEY
phases:
install:
commands:
- wget https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip -q
- unzip terraform_0.12.28_linux_amd64.zip && mv terraform /usr/local/bin/
- printf "provider "aws" {\n\taccess_key = var.AWS_ACCESS_KEY_ID\n\tsecret_key = var.AWS_SECRET_ACCESS_KEY\n\tversion = \"~> 3.2.0\"\n}" >> provider.tf
- printf "variable "AWS_ACCESS_KEY_ID" {}\nvariable "AWS_SECRET_ACCESS_KEY" {}" > vars.tf
- printf "resource \"aws_s3_bucket\" \"test\" {\n\tbucket = \"test\"\n\tacl = \"private\"\n}" >> s3.tf
- terraform init
- terraform plan

How to resolve this issue?

1 Answer

Related questions

0 votes

1 answer

How do I create an SSH key in Terraform?

asked Feb 10, 2021 in AWS by devin (5.6k points)

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes

1 answer

How to create roles in Terraform?

asked Dec 8, 2020 in AWS by devin (5.6k points)

0 votes

1 answer

How to create EFS in multi availability zones using terraform?

asked Dec 1, 2020 in AWS by devin (5.6k points)

0 votes

1 answer

How to create an AWS Security Group rule allowing RDP ports from anywhere using Terraform?

asked Mar 3, 2021 in AWS by devin (5.6k points)

0 votes

1 answer

Terraform AWS Security Group self reference

asked Dec 20, 2020 in AWS by devin (5.6k points)

kritika · Answer 1 · 2020-12-30T07:13:26+0000

Usually, we don't require hard-code credentials for Terraform to work, instead, you can use the CodeBuild IAM role that would be enough for terraform.

The below CodeBuild role with S3 permission which allows creating a bucket, you can modify it accordingly:

version: 0.2
phases:
install:
commands:
- wget https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip -q
- unzip terraform_0.12.28_linux_amd64.zip && mv terraform /usr/local/bin/
- printf "resource \"aws_s3_bucket\" \"test\" {\n\tbucket = \"test-43242-efdfdfd-4444334\"\n\tacl = \"private\"\n}" >> s3.tf
- terraform init
- terraform plan
- terraform apply -auto-approve

Do checkout aws certification training to learn more about AWS.

You can check out the video tutorial on Terraform by Intellipaat!

Invalid Terraform AWS provider credentials when passing AWS system manager parameter store vatiables

1 Answer

Related questions

Browse Categories