diff --git a/encryption/route53.go b/encryption/route53.go
index d9f13e030..217959fa4 100644
--- a/encryption/route53.go
+++ b/encryption/route53.go
@@ -16,12 +16,10 @@ import (
 // Route53TLS by default, loads the AWS configuration from the environment.
 // env variables: AWS_REGION, AWS_PROFILE, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN
 type Route53TLS struct {
-	DataDir            string
-	Email              string
-	AwsAccessKeyID     string
-	AwsSecretAccessKey string
-	Domains            []string
-	CA                 string
+	DataDir string
+	Email   string
+	Domains []string
+	CA      string
 }
 
 func (r *Route53TLS) GetCertificate() (*tls.Config, error) {
diff --git a/encryption/route53_test.go b/encryption/route53_test.go
index abf05b768..9ac8d5cf2 100644
--- a/encryption/route53_test.go
+++ b/encryption/route53_test.go
@@ -13,11 +13,9 @@ func TestRoute53TLSConfig(t *testing.T) {
 	t.SkipNow() // This test requires AWS credentials
 	exampleString := "Hello, world!"
 	rtls := &Route53TLS{
-		DataDir:            t.TempDir(),
-		Email:              os.Getenv("AWS_EMAIL"),
-		AwsAccessKeyID:     os.Getenv("AWS_KEY"),
-		AwsSecretAccessKey: os.Getenv("AWS_SECRET"),
-		Domains:            []string{os.Getenv("DOMAIN")},
+		DataDir: t.TempDir(),
+		Email:   os.Getenv("LE_EMAIL_ROUTE53"),
+		Domains: []string{os.Getenv("DOMAIN")},
 	}
 	tlsConfig, err := rtls.GetCertificate()
 	if err != nil {