diff --git a/website/source/docs/builders/amazon-chroot.html.md b/website/source/docs/builders/amazon-chroot.html.md
index 1c4863292..905dafb92 100644
--- a/website/source/docs/builders/amazon-chroot.html.md
+++ b/website/source/docs/builders/amazon-chroot.html.md
@@ -194,13 +194,13 @@ each category, the available configuration keys are alphabetized.
         volumes, io1 for Provisioned IOPS (SSD) volumes, and standard for Magnetic
         volumes
 
-- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to, 
-   along with the custom kms key id to use for encryption for that region. 
-   Keys must match the regions provided in `ami_regions`. If you just want to 
+- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to,
+   along with the custom kms key id to use for encryption for that region.
+   Keys must match the regions provided in `ami_regions`. If you just want to
    encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
-   If you want a region to be encrypted with that region's default key ID, you can 
+   If you want a region to be encrypted with that region's default key ID, you can
    use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
-   However, you cannot use default key IDs if you are using this in conjunction with 
+   However, you cannot use default key IDs if you are using this in conjunction with
    `snapshot_users` -- in that situation you must use custom keys.
 
 - `root_device_name` (string) - The root device name. For example, `xvda`.
@@ -230,6 +230,11 @@ each category, the available configuration keys are alphabetized.
     partitioning and filesystem creation commands. The path to the device is
     provided by `{{.Device}}`.
 
+- `profile` (string) - The profile to use in the shared credentials file for
+    AWS. See Amazon's documentation on [specifying
+    profiles](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-profiles)
+    for more details.
+
 - `post_mount_commands` (array of strings) - As `pre_mount_commands`, but the
     commands are executed after mounting the root device and before the extra
     mount and copy steps. The device and mount path are provided by
diff --git a/website/source/docs/builders/amazon-ebs.html.md b/website/source/docs/builders/amazon-ebs.html.md
index dce9b9482..3d5f1606c 100644
--- a/website/source/docs/builders/amazon-ebs.html.md
+++ b/website/source/docs/builders/amazon-ebs.html.md
@@ -198,14 +198,19 @@ builder.
 - `mfa_code` (string) - The MFA [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
   code. This should probably be a user variable since it changes all the time.
 
+- `profile` (string) - The profile to use in the shared credentials file for
+   AWS. See Amazon's documentation on [specifying
+   profiles](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-profiles)
+   for more details.
+
 - `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to,
-  along with the custom kms key id to use for encryption for that region.
-  Keys must match the regions provided in `ami_regions`. If you just want to
-  encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
-  If you want a region to be encrypted with that region's default key ID, you can
-  use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
-  However, you cannot use default key IDs if you are using this in conjunction with
-  `snapshot_users` -- in that situation you must use custom keys.
+   along with the custom kms key id to use for encryption for that region.
+   Keys must match the regions provided in `ami_regions`. If you just want to
+   encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
+   If you want a region to be encrypted with that region's default key ID, you can
+   use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
+   However, you cannot use default key IDs if you are using this in conjunction with
+   `snapshot_users` -- in that situation you must use custom keys.
 
 - `run_tags` (object of key/value strings) - Tags to apply to the instance
   that is *launched* to create the AMI. These tags are *not* applied to the
diff --git a/website/source/docs/builders/amazon-ebssurrogate.html.md b/website/source/docs/builders/amazon-ebssurrogate.html.md
index 0ed6f2ce2..ec403d1ea 100644
--- a/website/source/docs/builders/amazon-ebssurrogate.html.md
+++ b/website/source/docs/builders/amazon-ebssurrogate.html.md
@@ -191,14 +191,19 @@ builder.
 - `mfa_code` (string) - The MFA [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
    code. This should probably be a user variable since it changes all the time.
 
-- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to, 
-   along with the custom kms key id to use for encryption for that region. 
-   Keys must match the regions provided in `ami_regions`. If you just want to 
-   encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
-   If you want a region to be encrypted with that region's default key ID, you can 
-   use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
-   However, you cannot use default key IDs if you are using this in conjunction with 
-   `snapshot_users` -- in that situation you must use custom keys.
+- `profile` (string) - The profile to use in the shared credentials file for
+    AWS. See Amazon's documentation on [specifying
+    profiles](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-profiles)
+    for more details.
+
+- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to,
+    along with the custom kms key id to use for encryption for that region.
+    Keys must match the regions provided in `ami_regions`. If you just want to
+    encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
+    If you want a region to be encrypted with that region's default key ID, you can
+    use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
+    However, you cannot use default key IDs if you are using this in conjunction with
+    `snapshot_users` -- in that situation you must use custom keys.
 
 - `run_tags` (object of key/value strings) - Tags to apply to the instance
     that is *launched* to create the AMI. These tags are *not* applied to the
diff --git a/website/source/docs/builders/amazon-ebsvolume.html.md b/website/source/docs/builders/amazon-ebsvolume.html.md
index 2cb158d25..d262e04f8 100644
--- a/website/source/docs/builders/amazon-ebsvolume.html.md
+++ b/website/source/docs/builders/amazon-ebsvolume.html.md
@@ -118,14 +118,19 @@ builder.
 - `mfa_code` (string) - The MFA [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
    code. This should probably be a user variable since it changes all the time.
 
-- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to, 
-   along with the custom kms key id to use for encryption for that region. 
-   Keys must match the regions provided in `ami_regions`. If you just want to 
-   encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
-   If you want a region to be encrypted with that region's default key ID, you can 
-   use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
-   However, you cannot use default key IDs if you are using this in conjunction with 
-   `snapshot_users` -- in that situation you must use custom keys.    
+- `profile` (string) - The profile to use in the shared credentials file for
+    AWS. See Amazon's documentation on [specifying
+    profiles](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-profiles)
+    for more details.
+
+- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to,
+    along with the custom kms key id to use for encryption for that region.
+    Keys must match the regions provided in `ami_regions`. If you just want to
+    encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
+    If you want a region to be encrypted with that region's default key ID, you can
+    use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
+    However, you cannot use default key IDs if you are using this in conjunction with
+    `snapshot_users` -- in that situation you must use custom keys.
 
 - `run_tags` (object of key/value strings) - Tags to apply to the instance
     that is *launched* to create the AMI. These tags are *not* applied to the
diff --git a/website/source/docs/builders/amazon-instance.html.md b/website/source/docs/builders/amazon-instance.html.md
index bacdf516c..aeeff7b89 100644
--- a/website/source/docs/builders/amazon-instance.html.md
+++ b/website/source/docs/builders/amazon-instance.html.md
@@ -214,14 +214,19 @@ builder.
 - `mfa_code` (string) - The MFA [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
    code. This should probably be a user variable since it changes all the time.
 
-- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to, 
-   along with the custom kms key id to use for encryption for that region. 
-   Keys must match the regions provided in `ami_regions`. If you just want to 
-   encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
-   If you want a region to be encrypted with that region's default key ID, you can 
-   use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
-   However, you cannot use default key IDs if you are using this in conjunction with 
-   `snapshot_users` -- in that situation you must use custom keys.       
+- `profile` (string) - The profile to use in the shared credentials file for
+    AWS. See Amazon's documentation on [specifying
+    profiles](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-profiles)
+    for more details.
+
+- `region_kms_key_ids` (map of strings) - a map of regions to copy the ami to,
+    along with the custom kms key id to use for encryption for that region.
+    Keys must match the regions provided in `ami_regions`. If you just want to
+    encrypt using a default ID, you can stick with `kms_key_id` and `ami_regions`.
+    If you want a region to be encrypted with that region's default key ID, you can
+    use an empty string `""` instead of a key id in this map. (e.g. `"us-east-1": ""`)
+    However, you cannot use default key IDs if you are using this in conjunction with
+    `snapshot_users` -- in that situation you must use custom keys.
 
 - `run_tags` (object of key/value strings) - Tags to apply to the instance
     that is *launched* to create the AMI. These tags are *not* applied to the
diff --git a/website/source/docs/builders/amazon.html.md b/website/source/docs/builders/amazon.html.md
index 2bec17960..82d1ca41a 100644
--- a/website/source/docs/builders/amazon.html.md
+++ b/website/source/docs/builders/amazon.html.md
@@ -80,7 +80,8 @@ the following order:
 3. If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.
 
 Please refer to the SDK's documentation on [specifying
-credentials](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#id2) for more information.
+credentials](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials)
+for more information.
 
 ## Using an IAM Task or Instance Role