diff --git a/terraform.sh b/terraform.sh
index ff5ed28..6ed3f0a 100755
--- a/terraform.sh
+++ b/terraform.sh
@@ -7,14 +7,36 @@
 #
 #!/bin/bash -e
 
+key="$(echo "${provider}" | tr '[:lower:]' '[:upper:]')_$(echo "${env}" | tr '[:lower:]' '[:upper:]')_KEY"
+secret="$(echo "${provider}" | tr '[:lower:]' '[:upper:]')_$(echo "${env}" | tr '[:lower:]' '[:upper:]')_SECRET"
+
 if (which pass >/dev/null 2>&1); then
-   provider_key="$(pass ${provider}/access_key)"
-   provider_token="$(pass ${provider}/token)"
-   declare "TF_VAR_${provider}_access_key"=$provider_key
-   declare "TF_VAR_${provider}_token"=$provider_token
+  pass_key="$(pass "terraform/${provider}/${env}/access_key")"
+  pass_secret="$(pass "terraform/${provider}/${env}/secret")"
+
+  declare "${key}"="${pass_key}"
+  declare "${secret}"="${pass_secret}"
 fi
 
-export TF_VAR_${provider}_access_key
-export TF_VAR_${provider}_token
+case $provider in
+  aws)
+    declare "AWS_ACCESS_KEY_ID=${!key}"
+    declare "AWS_SECRET_ACCESS_KEY=${!secret}"
+    ;;
+  azurerm)
+    declare "ARM_CLIENT_ID=${!key}"
+    declare "ARM_CLIENT_SECRET=${!secret}"
+    :;;
+  "do")
+    declare "DIGITALOCEAN_TOKEN=${!secret}"
+    :;;
+  google)
+    declare "GOOGLE_CREDENTIALS=${!secret}"
+    :;;
+  scaleway)
+    declare "SCALEWAY_ORGANIZATION=${!key}"
+    declare "SCALEWAY_TOKEN=${!secret}"
+    :;;
+esac
 
-cd ${wd} && terraform $@
+cd "${wd}" && terraform $@