AWS_PROFILE not working, commands failing

What happened?

In pulumi-aws v5+, if the provider profile is specified by the config, it is now required to set the AWS_ACCESS_KEY and AWS_SECRET_KEY for that specific profile. Previously if there were no credentials, Terraform would fall back on the credentials found in the environment.

GH Issue Terraform Provider Update

Given this, I am attempting to pass AWS_PROFILE as an env parameter to the actions as recommended here. However, this does not work and there is no way to relate the credentials to the was profile so Pulumi does not fail the command.

Steps to reproduce

1. Have an AWS profile set up in your aws provider.

- name: Pulumi preview
        uses: pulumi/actions@v3
        with:
          command: preview
          stack-name: myStack
        env:
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          AWS_PROFILE: ${{ env.AWS_PROFILE }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: ${{ env.AWS_REGION }}

Expected Behavior

Actions can use the credentials set in the CI/CD process to the profile passed in the actions automatically. Command runs successfully.

Actual Behavior

Commands fail with the following error:

error configuring Terraform AWS Provider: failed to get shared config profile, my-profile

Versions used

@pulumi/aws 5.4.0 @pulumi/awsx 0.40.0 @pulumi/pulumi 3.32.1 @pulumi/random 4.6.0

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you’ve opened one already).