2014-07-23 20:50:41 +02:00
---
layout: "aws"
page_title: "Provider: AWS"
sidebar_current: "docs-aws-index"
2014-10-22 05:21:56 +02:00
description: |-
The Amazon Web Services (AWS) provider is used to interact with the many resources supported by AWS. The provider needs to be configured with the proper credentials before it can be used.
2014-07-23 20:50:41 +02:00
---
# AWS Provider
2014-07-23 21:14:31 +02:00
The Amazon Web Services (AWS) provider is used to interact with the
many resources supported by AWS. The provider needs to be configured
with the proper credentials before it can be used.
Use the navigation to the left to read about the available resources.
## Example Usage
```
# Configure the AWS Provider
provider "aws" {
access_key = "${var.aws_access_key}"
secret_key = "${var.aws_secret_key}"
region = "us-east-1"
}
# Create a web server
resource "aws_instance" "web" {
...
}
```
## Argument Reference
2015-03-04 02:35:54 +01:00
The following arguments are supported in the `provider` block:
2014-07-23 21:14:31 +02:00
* `access_key` - (Required) This is the AWS access key. It must be provided, but
2015-01-22 21:30:41 +01:00
it can also be sourced from the `AWS_ACCESS_KEY_ID` environment variable.
2014-07-23 21:14:31 +02:00
* `secret_key` - (Required) This is the AWS secret key. It must be provided, but
2015-01-22 21:30:41 +01:00
it can also be sourced from the `AWS_SECRET_ACCESS_KEY` environment variable.
2014-07-23 21:14:31 +02:00
* `region` - (Required) This is the AWS region. It must be provided, but
2015-01-22 21:30:41 +01:00
it can also be sourced from the `AWS_DEFAULT_REGION` environment variables.
2015-03-04 02:31:45 +01:00
2015-04-20 00:54:42 +02:00
* `allowed_account_ids` - (Optional) List of allowed AWS account IDs (whitelist)
to prevent you mistakenly using a wrong one (and end up destroying live environment).
Conflicts with `forbidden_account_ids` .
* `forbidden_account_ids` - (Optional) List of forbidden AWS account IDs (blacklist)
to prevent you mistakenly using a wrong one (and end up destroying live environment).
Conflicts with `allowed_account_ids` .
2015-03-04 02:31:45 +01:00
In addition to the above parameters, the `AWS_SECURITY_TOKEN` environmental
variable can be set to set an MFA token.