marusich pushed a commit to branch master
in repository maintenance.
commit 1204bc3d4517dc4194b1635965f653430527a6c9
Author: Chris Marusich <[email protected]>
Date: Thu Dec 27 14:55:28 2018 -0800
cdn: Do not hard-code the profile name.
* cdn/terraform/main.tf (provider) <profile>: Remove it.
---
cdn/terraform/main.tf | 49 ++++++++++++++++++++++++++++++++-----------------
1 file changed, 32 insertions(+), 17 deletions(-)
diff --git a/cdn/terraform/main.tf b/cdn/terraform/main.tf
index 3a8f0d0..6900a68 100644
--- a/cdn/terraform/main.tf
+++ b/cdn/terraform/main.tf
@@ -1,26 +1,41 @@
-# See: https://www.terraform.io/docs/providers/aws
-
-provider "aws" {
- # You must set up an AWS Credentials file a profile of the same name
- # (i.e., "guix"). For example, put this in your ~/.aws/credentials:
- #
- # [guix]
- # aws_access_key_id=ACCESS_KEY_ID
- # aws_secret_access_key=SECRET_ACCESS_KEY
- #
- # See:
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
- # That documentation AWS CLI documentation, but the same ideas apply
- # generally to other AWS SDKs and tools.
- profile = "guix"
-}
-
-# A friendly name for our account - this is displayed in various
+# Provider documentation: https://www.terraform.io/docs/providers/aws
+#
+# Some AWS credentials documentation:
+# https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
+#
+# You must set up an AWS Credentials file to use the AWS provider.
+# For example, you might put the following in ~/.aws/credentials:
+#
+# [guix]
+# aws_access_key_id=ACCESS_KEY_ID
+# aws_secret_access_key=SECRET_ACCESS_KEY
+#
+# Then you can invoke "terraform" like this to use the credentials:
+#
+# AWS_PROFILE=guix AWS_DEFAULT_REGION=us-west-2 terraform apply
+#
+# The first environment variable tells the AWS provider to look for a
+# "profile" named "guix". You can use any profile name you want, but
+# it needs to match the profile name in the AWS credentials file.
+#
+# The second environment variable tells the AWS provider what region
+# to use. For global services like IAM or CloudFront, you can use any
+# region, but you might get better performance when using a region
+# that is geographically close to you. If we ever use any services
+# that are not global (e.g., EC2), then the region will specify where
+# those resources (e.g., EC2 instances) will exist.
+
+provider "aws" {}
+
+# A friendly name for our account. This is displayed in various
# places, such as the AWS Management Console.
+
resource "aws_iam_account_alias" "alias" {
account_alias = "guix"
}
# Encourage good password hygiene.
+
resource "aws_iam_account_password_policy" "strict" {
minimum_password_length = 20
require_lowercase_characters = true
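Review bot: With `profile = "guix"` removed, the empty `provider "aws" {}` uses whatever credentials the default chain finds. An operator who forgets `AWS_PROFILE`, or has other `AWS_*` variables exported, would apply the account alias and password policy to whichever account those credentials belong to. Pinning the account in the provider block, for example `allowed_account_ids = ["<ACCOUNT_ID>"]` (placeholder; the real ID is not shown on this page), makes Terraform refuse to run against any other account while leaving the profile name free. The header comment could also note that `~/.aws/credentials` holds long-lived secret keys in plain text, e.g. `# Keep this file readable only by you (chmod 600); it contains long-lived secret keys.` The `aws_iam_account_password_policy` block continues past the end of the hunk, so its remaining settings are not reviewed here.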