terragrunt can't handle a mismatch between [default] and AWS_PROFILE

[stevenpollack]

So I've noticed a bit of an interesting behaviour... Let's say you've got an ~/.aws/credentials that looks like

[default]
aws_access_key_id = xyz123
aws_secret_access_key = alphabetagamma

[prof1]
aws_access_key_id = xyz123
aws_secret_access_key = alphabetagamma

[prof2]
aws_access_key_id = ABCDEF
aws_secret_access_key = xxONETWOTHREExx

and you set AWS_PROFILE='prof2', then when you try and tg init with the following provider.tf:

# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
provider "aws" {
  region = "eu-west-1"
  shared_credentials_files = ["/Users/steven/.aws/credentials"]
  profile = "prof2"
}

you'll get

Initializing modules...
Error refreshing state: AccessDenied: Access Denied
        status code: 403, request id: V3T0SZJ3W0SB7XH1, host id: cjL+XEgzB1/sC1q5MNkvjzjpPGmGGK3SySzLmKNwNQSkEPEZUoyMzofoKk/O8b5YKxKKkJ/kbak=
ERRO[0004] 1 error occurred:
        * exit status 1

and I can only fix this by changing the contents of [default] to actually match the nominated profile AWS_PROFILE.

Is this a bug?

Terragrunt v0.37.3 Terraform v1.2.2 on darwin_arm64

• provider registry.terraform.io/hashicorp/aws v4.18.0