Terraform Workspaces

Terraform workspaces allow you to use a different state file from the CLI, or the equivalent with Terraform Cloud.

Workspaces are used to provide cooperative isolation. They can be thought of like programming language namespaces.

A workspace called production is created (and initially switched to) with:

terraform workspace new production

You can switch back to the default workspace with:

terraform workspace select default

Here’s a nice example of a terraform script that manages 2 workspaces using terraform locals, default (test) and production, depending on the current workspace:
medium.com: Terraform workspaces and locals for environment separation (2017)

And here’s a 2021 github issue on how to use workspaces under terragrunt:
github.com: Support for terraform workspaces? #1581

Use Cases for Workspaces

It’s common to use separate AWS accounts for test and production environments, and workspaces let you assign workspace names to teams or clusters within each of those accounts.

Or a single cloud account can be used, and workspaces used with names like default for test, and separate names for teams.

Note that using workspaces provides a separation mechanism that’s better than nothing at avoiding resources getting stepped on, but somebody can still do a select command into your team’s workspace.

W: Terraform
medium.com: Terraform Workspaces Basics with AWS CodePipeline (2019)

This entry was posted in Cloud, Open Source, Tech. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.