AWS044 - AWS provider has access credentials specified.

Written by tfsec

Explanation

The AWS provider block should not contain hardcoded credentials. These can be passed in securely as runtime using environment variables.

Insecure Example

The following example will fail the AWS044 check.

provider "aws" {
  access_key = "AKIAABCD12ABCDEF1ABC"
  secret_key = "s8d7ghas9dghd9ophgs9"
}

Secure Example

The following example will pass the AWS044 check.

provider "aws" {
}

Related Links

• https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html

---