Terraform - working around 'error installing provider'


Recently many teams I have been working with have been hitting this error installing provider issue with Terraform. We have noticed that it is only happening with Terraform 0.11 (could be happening with other versions, we just haven’t noticed it yet).

The error message is in lines of

Error installing provider "null": openpgp: signature made by unknown entity. 
Terraform analyses the configuration and state and automatically downloads 
plugins for the providers used. However, when attempting to download this 
plugin an unexpected error occured. 
This may be caused if for some reason Terraform is unable to reach the 
plugin repository. The repository may be unreachable if access is blocked 
by a firewall. 
If automatic installation is not possible or desirable in your environment, 
you may alternatively manually install plugins by downloading a suitable 
distribution package and placing the plugin's executable file in the 
following directory: 


Warning: This is not recommended for production use.

The only way it seems to work for us is to use unverified plugins.

terraform init -verify-plugins=false


The issue here is the openpgp plugin signature has changed and by default Terraform performs verification for any plugins used. By skipping verification, we are at risk of getting security vulnerabilities into our deployment process. Hence it is not recommended to skip plugin verification in production systems. This can be a quick workaround while you possibly upgrade your Terraform and provider versions to use the latest valid plugins.

Please note that I was unable to find any official documentation about this terraform init parameter. The only place it is described is at lightnetics.com.


Hope this was useful and saved you some time. Please do share your learnings. If you have any thoughts or comments please do get in touch with me on Twitter @rubberduckdev. Or use the Disqus plugin below.



Check about page for details.

Read More

Terraform - working around 'error installing provider'