Problem
When using the HCP Terraform cloud integration and attempting to pass AWS credentials using the shared_credentials_file argument in the provider configuration, you may receive the following error.
Error: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors
Cause
This error occurs if the path to the AWS credentials file specified in your configuration is outside of the repository's directory structure. For example, you may configure the path as shared_credentials_file = "$HOME/.aws/credentials".
HCP Terraform runs occur in disposable Linux virtual machines that do not have access to your local computer's file system. The run environment only includes the contents of your configuration's repository, so it cannot find a file located in a local path like $HOME/.aws/credentials.
Solutions
There are two approaches to resolve this issue. The recommended solution is to use HCP Terraform workspace variables, which securely store your credentials.
Solution 1: Relocate the AWS Credentials File (Use with Caution)
You can resolve the path error by moving the AWS credentials file into your project's repository. Update the shared_credentials_file argument to reference the file's new location within the repository.
Note: This approach is not recommended as a best practice. Storing credentials in plain text within your repository poses a significant security risk, especially if the repository is public. Hard-coded credentials can lead to secret leakage if committed to a version control system.
Solution 2: Use HCP Terraform Workspace Variables (Recommended)
The recommended and most secure method for managing AWS credentials is to use HCP Terraform workspace environment variables. You can store your AWS access key ID and secret access key as sensitive variables within the workspace where your runs execute.
When you set variables as sensitive, HCP Terraform redacts their values in the UI and logs.
To manage a workspace's variables, navigate to the workspace and select the Variables tab. For detailed instructions, refer to the documentation on managing variables in the HCP Terraform UI.