Terraform Workspaces and Remote State

Weekly Shorts are topics we discuss in our weekly remote meeting related to recent work we have done with our customers

<!DOCTYPE html>

<head>

<title>Terraform Workspaces and Remote State</title>

<style>

code{white-space: pre-wrap;}

span.smallcaps{font-variant: small-caps;}

span.underline{text-decoration: underline;}

div.column{display: inline-block; vertical-align: top; width: 50%;}

</style>

<style>

code.sourceCode > span { display: inline-block; line-height: 1.25; }

code.sourceCode > span { color: inherit; text-decoration: inherit; }

code.sourceCode > span:empty { height: 1.2em; }

.sourceCode { overflow: visible; }

code.sourceCode { white-space: pre; position: relative; }

div.sourceCode { margin: 1em 0; }

pre.sourceCode { margin: 0; }

@media screen {

div.sourceCode { overflow: auto; }

}

@media print {

code.sourceCode { white-space: pre-wrap; }

code.sourceCode > span { text-indent: -5em; padding-left: 5em; }

}

pre.numberSource code

{ counter-reset: source-line 0; }

pre.numberSource code > span

{ position: relative; left: -4em; counter-increment: source-line; }

pre.numberSource code > span > a:first-child::before

{ content: counter(source-line);

position: relative; left: -1em; text-align: right; vertical-align: baseline;

border: none; display: inline-block;

-webkit-touch-callout: none; -webkit-user-select: none;

-khtml-user-select: none; -moz-user-select: none;

-ms-user-select: none; user-select: none;

padding: 0 4px; width: 4em;

background-color: #232629;

color: #7a7c7d;

}

pre.numberSource { margin-left: 3em; border-left: 1px solid #7a7c7d; padding-left: 4px; }

div.sourceCode

{ color: #cfcfc2; background-color: #232629; }

@media screen {

code.sourceCode > span > a:first-child::before { text-decoration: underline; }

}

code span. { color: #cfcfc2; } /* Normal */

code span.al { color: #95da4c; } /* Alert */

code span.an { color: #3f8058; } /* Annotation */

code span.at { color: #2980b9; } /* Attribute */

code span.bn { color: #f67400; } /* BaseN */

code span.bu { color: #7f8c8d; } /* BuiltIn */

code span.cf { color: #fdbc4b; } /* ControlFlow */

code span.ch { color: #3daee9; } /* Char */

code span.cn { color: #27aeae; } /* Constant */

code span.co { color: #7a7c7d; } /* Comment */

code span.cv { color: #7f8c8d; } /* CommentVar */

code span.do { color: #a43340; } /* Documentation */

code span.dt { color: #2980b9; } /* DataType */

code span.dv { color: #f67400; } /* DecVal */

code span.er { color: #da4453; } /* Error */

code span.ex { color: #0099ff; } /* Extension */

code span.fl { color: #f67400; } /* Float */

code span.fu { color: #8e44ad; } /* Function */

code span.im { color: #27ae60; } /* Import */

code span.in { color: #c45b00; } /* Information */

code span.kw { color: #cfcfc2; } /* Keyword */

code span.op { color: #cfcfc2; } /* Operator */

code span.ot { color: #27ae60; } /* Other */

code span.pp { color: #27ae60; } /* Preprocessor */

code span.re { color: #2980b9; } /* RegionMarker */

code span.sc { color: #3daee9; } /* SpecialChar */

code span.ss { color: #da4453; } /* SpecialString */

code span.st { color: #f44f4f; } /* String */

code span.va { color: #27aeae; } /* Variable */

code span.vs { color: #da4453; } /* VerbatimString */

code span.wa { color: #da4453; } /* Warning */

</style>

<!--[if lt IE 9]>

<![endif]-->

</head>

<body>

<h1 class="title">Terraform Workspaces and Remote State</h1>

</header>

As promised in my last article, <a href="https://dev.to/prodopsio/terraform-aws-dynamic-subnets-2cgo">Terraform AWS - Dynamic Subnets</a>, today you’re going to learn how to manage <a href="https://www.terraform.io/docs/state/workspaces.html">Workspaces</a> in Terraform, which are simply used for segregating your developing environments (dev, qa, stage, prod) while sharing the same infrastructure between them. We will also take advantage of the free <a href="https://app.terraform.io/session">Terraform Cloud</a> service to store the state file (tfstate) remotely.

<h1 id="objectives">Objectives</h1>

<li>Share the same infrastructure as code (IaC) in multiple environments (Workspaces)</li>

<li>Store the <a href="https://www.terraform.io/docs/state/index.html">tfstate file</a> <a href="https://www.terraform.io/docs/state/remote.html">remotely</a> to allow colleagues to manage the infrastructure you’re working on</li>

</ol>

<h1 id="knowledge-and-assumptions">Knowledge and assumptions</h1>

<li>You read my <a href="https://dev.to/prodopsio/terraform-aws-dynamic-subnets-2cgo">Terraform AWS - Dynamic Subnets</a> tutorial which covers most of the Terraform functions that I’ll use in this tutorial</li>

<li>You know how to use <a href="https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html">AWS named profiles</a></li>

<li>Your infrastructure’s repository is in one of the following: GitHub, GitLab, or Bitbucket. The repository I’ll be using is in <a href="https://github.com/unfor19/tf-tutorial-workspaces">Github</a></li>

<li>I’ll create a single S3 bucket resource. We will be able to create this resource in each environment just by switching Workspaces; we’ll get to that</li>

</ol>

<h1 id="setup">Setup</h1>

<h2 id="create-workspaces">Create Workspaces</h2>

<li>Create a free account in <a href="https://app.terraform.io/signup/account">Terraform Cloud</a></li>

<li>Create a new Organization; I’ve created tutorials organization</li>

<li>Create a new Workspace and connect it to the VCS provider. Select Only select repositories and select the relevant repository, in my case, it’s tf-tutorial-workspaces</li>

<li>Click the repository’s name to continue</li>

<li>Workspace name should be the name of the environment you’re working on, in my case tf-tutorial-workspaces-development [Create-a-new-Workspace] (https://i.imgur.com/K6mBoSz.png)</li>

<li>(Optional) Configure Workspace Advanced Options - insert VCS branch if relevant. I’ll be using the master branch</li>

<li>Click Create workspace!</li>

<li>Repeat steps 3 to 7, in my case: tf-tutorial-workspaces-qa, tf-tutorial-workspaces-staging, tf-tutorial-workspaces-production</li>

<li>For each Workspace that you’ve created, click Workspaces –> click Workspace name –> Settings –> General –> Execution Mode: Local <img src="https://i.imgur.com/L9KkSk6.png" alt="Execution-Mode-Local" /></li>

</ol>

Important: The default Execution Mode for each Workspace is Remote, which is the best practice for executing a Terraform plan. Unfortunately, there’s a bug, and Remote execution mode fails to work with the variable <code>terraform.workspace</code>. Make sure you set Execution Mode to Local until this bug is fixed, you can track it here, <a href="https://github.com/hashicorp/terraform/issues/22802">issue 22802</a>.

Workspaces page should look something like this: <img src="https://i.imgur.com/8K6liuI.png" alt="Workspaces-page" />

Now it’s time to generate a token that will allow us to use the Workspaces we’ve created.

<h2 id="terraform-cloud-tokens">Terraform Cloud Tokens</h2>

There are two types of tokens that we’re going to use, the first one is Team Token, which we will use in our automation processes and CI/CD pipeline. The second token is User Token, and we will use it for planning/applying infrastructure manually, so it’s usually good for planning and testing. In this tutorial, we’ll create both tokens.

Note: In case you’re concerned about Two-Factor-Authentication, it will be ignored when you use Tokens as an authentication method, so keep that in mind.

<h3 id="team-token">Team Token</h3>

<li>Create the file .terraformrc-team in your project’s directory, with Bash it’s <code>touch /.terraformrc-team</code></li>

<li>Generate a token in Terraform Cloud; click on Settings –> Teams –> Create an authentication token</li>

<li>Edit the file /.terraformrc-team, with Bash it’s: <code>vim /.terraformrc-team</code> then hit I for INSERT mode The file should look like this:</li>

</ol>

<div class="sourceCode" id="cb1"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb1-1"></a>credentials "app.terraform.io" {

<a href="#cb1-2"></a> token = "Your.generated.team.token.xctOeIoLtmjydg.jCCpJ6GKjCCpJe"

Vim: To save the file in vim, hit ESC, type: <code>:x</code> and hit ENTER. To make sure the file was correctly saved, execute <code>cat /.terraformrc</code>, the output should look like the above example. Here’s an excellent <a href="https://github.com/omerxx/vim-notebook/blob/master/VIM_NOTEBOOK.md">vim-notebook</a>. And if you’re asking yourself why to use vim, then read <a href="https://dev.to/omerxx/vim-from-foe-to-friend-in-9-minutes-2np0">Vim: from foe to friend in 9 minutes</a>

<h3 id="user-token">User Token</h3>

<li>Create the file .terraformrc-user in your project’s directory, with Bash it’s <code>touch /.terraformrc-user</code></li>

<li>Generate a token in Terraform Cloud; click on your profile picture –> User Settings –> <a href="https://app.terraform.io/app/settings/tokens">Tokens</a> –> Generate token</li>

<li>Edit the file /.terraformrc-user, with Bash it’s: <code>vim /.terraformrc-user</code> then hit I for INSERT mode The file should look like this:</li>

</ol>

<div class="sourceCode" id="cb2"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb2-1"></a>credentials "app.terraform.io" {

<a href="#cb2-2"></a> token = "Your.generated.user.token.xctOeIoLtmjydg.jCCpJ6GKjCCpJe"

<h2 id="setting-up-aws-named-profiles">Setting up AWS named profiles</h2>

To be able to apply the changes, we’ll create a named profile for each environment (Workspace).

Note: Terraform developers decided to use the word Workspace instead of Environment due to the overuse of this word, see <a href="https://www.terraform.io/docs/state/workspaces.html">here</a>. Right choice (not kidding).

The credentials and config file should look like this: <code>~/.aws/credentials</code>

<div class="sourceCode" id="cb3"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb3-1"></a>[tf-tutorial-workspaces-development]

<a href="#cb3-2"></a>aws_access_key_id = ACCESS_KEY_FOR_DEVELOPMENT

<a href="#cb3-3"></a>aws_secret_access_key = ZKBZ6_rsRFJx+bU2#=jY]w%u_e!Xrau?9fc!}:}c

<a href="#cb3-5"></a>[tf-tutorial-workspaces-qa]

<a href="#cb3-6"></a>aws_access_key_id = ACCESS_KEY_FOR_QA

<a href="#cb3-7"></a>aws_secret_access_key = K9N?Bjb:w>Uyw9w.k^,Ap2BK-7CbsZ^fY*J3t}vp

<a href="#cb3-9"></a>[tf-tutorial-workspaces-staging]

<a href="#cb3-10"></a>aws_access_key_id = ACCESS_KEY_FOR_STAGING

<a href="#cb3-11"></a>aws_secret_access_key = VpKHs2*Urp3BhE3j~MVC9@W&TpR.aQu?s.n.PrBP

<a href="#cb3-13"></a>[tf-tutorial-workspaces-production]

<a href="#cb3-14"></a>aws_access_key_id = ACCESS_KEY_FOR_PRODUCTION

<a href="#cb3-15"></a>aws_secret_access_key = Kk~Xo&Z>3QKi-M%Vq6]LRLNAwy>7R-q4=C2rGJ8x</code></pre></div>

<code>~/.aws/config</code>

<div class="sourceCode" id="cb4"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb4-1"></a>[profile tf-tutorial-workspaces-development]

<a href="#cb4-2"></a>output = json

<a href="#cb4-4"></a>[profile tf-tutorial-workspaces-qa]

<a href="#cb4-5"></a>output = json

<a href="#cb4-7"></a>[profile tf-tutorial-workspaces-staging]

<a href="#cb4-8"></a>output = json

<a href="#cb4-10"></a>[profile tf-tutorial-workspaces-prodcution]

<a href="#cb4-11"></a>output = json</code></pre></div>

<h2 id="configuring-the-backend">Configuring the backend</h2>

Now we need to configure our infrastructure to use <a href="https://www.terraform.io/docs/backends/types/remote.html">Terraform’s Remote backend</a>.

Project structure:

<div class="sourceCode" id="cb5"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb5-1"></a>.

<a href="#cb5-2"></a>├── LICENSE

<a href="#cb5-3"></a>├── README.md

<a href="#cb5-4"></a>├── main.tf

<a href="#cb5-5"></a>└── variables.tf</code></pre></div>

First, let’s set up <code>main.tf</code>:

<div class="sourceCode" id="cb6"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb6-1"></a>provider "aws" {

<a href="#cb6-2"></a> version = "~> 2.28"

<a href="#cb6-3"></a> profile = lookup(local.profile, local.environment)

<a href="#cb6-4"></a> region = lookup(local.region, local.environment)

<a href="#cb6-5"></a>}

<a href="#cb6-7"></a>terraform {

<a href="#cb6-8"></a> required_version = "~> 0.12"

<a href="#cb6-9"></a> backend "remote" {

<a href="#cb6-10"></a> hostname = "app.terraform.io"

<a href="#cb6-11"></a> organization = "tutorials"

<a href="#cb6-12"></a> workspaces { prefix = "tf-tutorial-workspaces-" }

<a href="#cb6-13"></a> }

Some explanations to the code above: 1. profile - Will be selected according to environment (Workspace) 2. region - Will be selected according to environment (Workspace) 3. backend “remote” {} - configuring our backend - hostname - This is the configuration that tells our tfstate to be hosted remotely in app.terraform.io (Terraform Cloud) - organization - the organization that we’ve created in Terraform Cloud - workspaces - Since we’re using multiple Workspaces (environments), we need to use the keyword prefix. Take the prefix of your workspaces and add a dash (-) to the end of it, just like in the code above

Important: The backend’s configuration currently does not support using variables/local values. We have to hardcode our prefix; otherwise, I would’ve used <code>"${local.profile_prefix}-"</code>

<h3 id="variables.tf">variables.tf</h3>

Moving on to the <code>variables.tf</code> file, this is where the magic happens. Before I share 30 lines of code with you, let’s break it down for our needs and how we answer those needs.

<li>app_name - We need to give a name to our application, this will serve as a prefix for all of our resources</li>

<li>profile_prefix - For convenience, will be used in the local value profile</li>

<li>profile - We need a map for profile per environment (Workspace), used in <code>main.tf</code></li>

<li>region - We need a map for region per environment (Workspace), also used in <code>main.tf</code></li>

<li>environment - We need to initialize this variable with the name of the Workspace we’re currently using, luckily we have <code>terraform.workspace</code> for doing that</li>

<li>common_tags - For convenience, we will use it in all resources, it will help us mark the resources that are managed by Terraform</li>

<li>name_prefix - For convenience, we will use it in all resources</li>

</ol>

<code>variables.tf</code>

<div class="sourceCode" id="cb7"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb7-1"></a>locals {

<a href="#cb7-2"></a> app_name = "workspaces-app"

<a href="#cb7-3"></a> profile_prefix = "tf-tutorial-workspaces"

<a href="#cb7-4"></a>}

<a href="#cb7-6"></a>locals {

<a href="#cb7-7"></a> profile = {

<a href="#cb7-8"></a> "development" = "${local.profile_prefix}-development"

<a href="#cb7-9"></a> "qa" = "${local.profile_prefix}-qa"

<a href="#cb7-10"></a> "staging" = "${local.profile_prefix}-staging"

<a href="#cb7-11"></a> "production" = "${local.profile_prefix}-production"

<a href="#cb7-12"></a> }

<a href="#cb7-13"></a> region = {

<a href="#cb7-14"></a> "development" = "us-west-2"

<a href="#cb7-15"></a> "qa" = "us-east-2"

<a href="#cb7-16"></a> "staging" = "us-east-1"

<a href="#cb7-17"></a> "production" = "ca-central-1"

<a href="#cb7-18"></a> }

<a href="#cb7-19"></a>}

<a href="#cb7-21"></a>locals {

<a href="#cb7-22"></a> environment = "${terraform.workspace}"

<a href="#cb7-23"></a>}

<a href="#cb7-25"></a>locals {

<a href="#cb7-26"></a> common_tags = {

<a href="#cb7-27"></a> Terraform = "true"

<a href="#cb7-28"></a> Environment = local.environment

<a href="#cb7-29"></a> }

<a href="#cb7-30"></a> name_prefix = "${local.app_name}-${local.environment}"

Note: I split the local values into four groups to make it more readable and organized.

Everything is ready! Now we need to initialize Terraform to make it work with Workspaces and a remote backend that stores tfstate.

<h2 id="select-relevant-terraformrc-configuration-file">Select relevant terraformrc configuration file</h2>

We’ve created the files <code>terraformrc-team</code> and <code>terraformrc-user</code>, since we’re doing manual work and we’re not executing CI/CD pipeline, we’ll use the <code>terraformrc-user</code>. The environment variable <a href="https://www.terraform.io/docs/commands/environment-variables.html#tf_cli_config_file">TF_CLI_CONFIG_FILE</a> defines the location of the configuration file that will be used for the current run.

Assuming your current working directory is your project’s directory:

<div class="sourceCode" id="cb8"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb8-1"></a>export TF_CLI_CONFIG_FILE="${PWD}/.terraformrc-user"</code></pre></div>

You can set this environment variable automatically on system startup, follow these instructions: <a href="https://unix.stackexchange.com/a/21600/368610">Windows Git Bash</a>, <a href="https://askubuntu.com/a/58828/961789">Ubuntu</a>, <a href="https://apple.stackexchange.com/a/106823">MacOS</a>. Make sure you replace <code>${PWD}</code> with the absolute path to <code>.terraformrc-user</code>

<h2 id="initialize-terraform">Initialize Terraform</h2>

Make sure you’re in the repository’s working dir, in my case it’s <code>./tf-tutorial-workspaces</code>.

Execute:

<div class="sourceCode" id="cb9"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb9-1"></a>terraform init</code></pre></div>

When prompted to select a Workspace, insert one (1), and hit ENTER, it doesn’t matter at this point.

Expected output:

<div class="sourceCode" id="cb10"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb10-1"></a>Initializing the backend...

<a href="#cb10-3"></a>The currently selected workspace (default) does not exist.

<a href="#cb10-4"></a> This is expected behavior when the selected workspace did not have an

<a href="#cb10-5"></a> existing non-empty state. Please enter a number to select a workspace:

<a href="#cb10-7"></a> 1. development

<a href="#cb10-8"></a> 2. production

<a href="#cb10-9"></a> 3. qa

<a href="#cb10-10"></a> 4. staging

<a href="#cb10-12"></a> Enter a value: 1

<a href="#cb10-15"></a>Initializing provider plugins...

<a href="#cb10-16"></a>- Checking for available provider plugins...

<a href="#cb10-17"></a>- Downloading plugin for provider "aws" (hashicorp/aws) 2.29.0...

<a href="#cb10-19"></a>Terraform has been successfully initialized!

<a href="#cb10-21"></a># omitted the rest of the text for brevity</code></pre></div>

<h3 id="troubleshooting---terraform-init">Troubleshooting - terraform init</h3>

<h4 id="local.environment-is-default">“local.environment is default”</h4>

This error happens when Execution Mode is Remote in the Workspace’s settings. The Remote Execution Mode doesn’t work with the <code>terraform.workspace</code> variable, so make sure you set it in the Workspace’s settings to Local, at least until the <a href="https://github.com/hashicorp/terraform/issues/22802">issue22802</a> is fixed.

<h1 id="share-tfstate-and-workspaces-with-colleagues">Share tfstate and Workspaces with colleagues</h1>

Everything we did so far was the initial setup. Now tell your colleagues to: 1. Create an account in Terraform Cloud - and then you need to add them to you your organization, click organization name –> Settings –> Teams –> owners –> Add a New Member - If you can’t see owners, then it’s ok, click on Add Users and it will add this user to the owners team. The owners team is the default team 2. Configure Terraform credentials with user token in <code>.terraformrc-user</code> - just like you did earlier. Don’t forget to select TF_CLI_CONFIG_FILE 3. Create AWS named profiles (config, credentials), just like you did earlier 4. Execute <code>terraform init</code>

Your colleagues will now be using the same tfstate file you’re using, and they can access the Workspaces that you’ve already created.

Note: Instead of adding users to the <code>owners</code> team, you should create a team per department/actual team, for example, developers-team, operations-team, etc.

<h1 id="working-with-workspaces">Working with Workspaces</h1>

<h2 id="select-workspace-environment">Select Workspace (environment)</h2>

You’ll be amazed by how simple it is to select the environment, here are the available commands:

<li><code>terraform workspace list</code> - List available Workspaces</li>

<li><code>terraform workspace select workspace_name</code> - Select relevant Workspace</li>

<li><code>terraform workspace show</code> - Shows the selected Workspace</li>

<li><code>terraform apply</code> - Apply changes to infrastructure</li>

<li><code>terraform destroy</code> - Destroy infrastructure</li>

</ol>

<h1 id="example-for-usage">Example for usage</h1>

<h2 id="adding-resources-to-your-git-repository">Adding resources to your git repository</h2>

Let’s add an S3 bucket:

<div class="sourceCode" id="cb11"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb11-1"></a>resource "aws_s3_bucket" "bucket" {

<a href="#cb11-2"></a> count = "${lookup(local.create_s3, local.environment)}"

<a href="#cb11-3"></a> bucket = "${local.name_prefix}-s3"

<a href="#cb11-4"></a> acl = "private"

<a href="#cb11-5"></a> region = "${lookup(local.region, local.environment)}"

<a href="#cb11-7"></a> versioning {

<a href="#cb11-8"></a> enabled = true

<a href="#cb11-9"></a> }

<a href="#cb11-10"></a> tags = local.common_tags

<code>s3.variables.tf</code> - A good example of how we can control the creation of resources per environment.

<div class="sourceCode" id="cb12"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb12-1"></a>locals {

<a href="#cb12-2"></a> create_s3 = {

<a href="#cb12-3"></a> "development" = 0

<a href="#cb12-4"></a> "qa" = 1

<a href="#cb12-5"></a> "staging" = 1

<a href="#cb12-6"></a> "production" = 1

<a href="#cb12-7"></a> }

The current project structure:

<div class="sourceCode" id="cb13"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb13-1"></a>.

<a href="#cb13-2"></a>├── LICENSE

<a href="#cb13-3"></a>├── README.md

<a href="#cb13-4"></a>├── main.tf

<a href="#cb13-5"></a>├── s3.tf

<a href="#cb13-6"></a>├── s3.variables.tf

<a href="#cb13-7"></a>└── variables.tf</code></pre></div>

This project is available on GitHub: {% github https://github.com/unfor19/tf-tutorial-workspaces no-readme %}

<h2 id="example">Example</h2>

<div class="sourceCode" id="cb14"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb14-1"></a>$ terraform workspace list

<a href="#cb14-2"></a>* development

<a href="#cb14-3"></a> production

<a href="#cb14-4"></a> qa

<a href="#cb14-5"></a> staging

<a href="#cb14-6"></a>$ terraform workspace select qa

<a href="#cb14-7"></a>$ terraform apply

<a href="#cb14-8"></a>Acquiring state lock. This may take a few moments...

<a href="#cb14-10"></a># omitted text for brevity

<a href="#cb14-12"></a> # aws_s3_bucket.bucket[0] will be created

<a href="#cb14-13"></a> + resource "aws_s3_bucket" "bucket" {

<a href="#cb14-14"></a> + acceleration_status = (known after apply)

<a href="#cb14-15"></a> + acl = "private"

<a href="#cb14-16"></a> + arn = (known after apply)

<a href="#cb14-17"></a> + bucket = "workspaces-app-qa-s3"

<a href="#cb14-18"></a> + bucket_domain_name = (known after apply)

<a href="#cb14-19"></a> + bucket_regional_domain_name = (known after apply)

<a href="#cb14-20"></a> + force_destroy = false

<a href="#cb14-21"></a> + hosted_zone_id = (known after apply)

<a href="#cb14-22"></a> + id = (known after apply)

<a href="#cb14-23"></a> + region = "us-east-2"

<a href="#cb14-24"></a> + request_payer = (known after apply)

<a href="#cb14-25"></a> + tags = {

<a href="#cb14-26"></a> + "Environment" = "qa"

<a href="#cb14-27"></a> + "Terraform" = "true"

<a href="#cb14-28"></a> }

<a href="#cb14-29"></a># omitted arguments for brevity

<a href="#cb14-30"></a> }

<a href="#cb14-32"></a>Plan: 1 to add, 0 to change, 0 to destroy.

<a href="#cb14-34"></a>Do you want to perform these actions in workspace "qa"?

<a href="#cb14-35"></a> Terraform will perform the actions described above.

<a href="#cb14-36"></a> Only 'yes' will be accepted to approve.

<a href="#cb14-38"></a> Enter a value:</code></pre></div>

Look at the S3 bucket name and region! Everything indicates that we’re working on the qa Workspace, woohoo!

<h4 id="troubleshooting---terraform-plan">Troubleshooting - terraform plan</h4>

<div class="sourceCode" id="cb15"><pre class="sourceCode bash"><code class="sourceCode bash"><a href="#cb15-1"></a>Error: error starting operation: The configured "remote" backend encountered an unexpected error:

<a href="#cb15-3"></a>invalid value for workspace</code></pre></div>

You executed a <code>terraform plan</code> or <code>terraform apply</code> without selecting a Workspace. Make sure you select a Workspace first.

<h1 id="final-words">Final words</h1>

Terraform Cloud service is still new, but it’s fantastic, and if you have any questions or comments, fire at will!

My next article will be about how to use 3rd-party binaries, such as aws-vault and Terraform, in Windows Git Bash.

Did you like this tutorial? Clap/heart/unicorn and share it with your friends and colleagues.

</body>

</html>

‍

Meir Gabay

Junior Operations Engineer

Meir is an experienced automation engineer and a certified AWS solutions architect. He has four years of experience as Operations and Automation at NICE's training department. With knowledge in web development, both server-side and front-end. The critical thing that motivates him while working with customers - "To continue evolving and improving independently, a customer needs to know how the solution works." While Meir is not helping customers, you'll find him studying new technologies and writing a blog post of what he had learned.

Terraform Workspaces and Remote State

‍

Recent posts

3rd-party binaries in Windows Git Bash

Terraform Workspaces and Remote State

Terraform AWS - Dynamic Subnets