Open tangentspace opened 2 years ago
In a possibly related issue, the expected behavior of providing the token on the commandline, e.g. terraform init -backend-config=token=abc123
would be to override .terraformrc, but it does not. This is not documented.
I see https://github.com/hashicorp/terraform/pull/30917 addresses that.
Thanks for these reports! I am checking to see if this issue was fixed by that same PR, but have yet to hear back. I'll update this issue when I hear back. Thanks again!
Terraform Version
Terraform Configuration Files
Expected Behavior
Terraform uses the API token provided in the config block to access the remote state for the target workspace.
Actual Behavior
Terraform always uses the API token from the CLI config file when it exists, ignoring the token explicitly provided in config block.
Steps to Reproduce
Create a
.terraformrc
file containing a token which does not have access to the target workspace.Additional Context
This makes it impossible to configure API tokens for workspaces that are not accessible using the token defined in the
.terraformrc
file. In previous Terraform versions which used the atlas backend, the data source token config overrode other config sources, and this behavior has changed in the new remote backend which breaks existing workflows.References
I opened a PR that implements the desired functionality: https://github.com/hashicorp/terraform/pull/30663