How to fix Error reading file: permission denied in Terraform

TerraformINTERMEDIATEMEDIUM

This error occurs when Terraform cannot read a file due to insufficient file system permissions. Common causes include restrictive file permissions on local files, provider binary permission issues, or permission changes during Terraform operations.

What this error means

When Terraform tries to read a file during configuration parsing, state refresh, or data source evaluation, the operating system denies access due to insufficient permissions. This error typically appears when using local_file resources, reading configuration files, or accessing provider binaries without proper read permissions. The error indicates a mismatch between the user running Terraform and the file's permission settings.

How to fix "Error reading file: permission denied"

1Check current file permissions

First, identify which file Terraform cannot read by examining the error message. Use ls -la to view the file's permissions:

bash

ls -la /path/to/file

Look at the first 10 characters. The first dash indicates it's a file. The next three characters show owner permissions (rwx), followed by group and others permissions. For example, -rw-r--r-- means owner can read and write, group can read, others can read.

2Identify the Terraform process owner

Determine which user is running Terraform:

bash

whoami

If running in a container or CI/CD system, check the effective user:

bash

id

This shows your user ID (uid) and group ID (gid). The Terraform process must have read permissions for the file owner, group, or others based on these IDs.

3Add read permissions to the file

Use chmod to add read permissions. For the owner to read:

bash

chmod u+r /path/to/file

For group members:

bash

chmod g+r /path/to/file

For all users (less secure):

bash

chmod o+r /path/to/file

Or use numeric notation for combined permissions:

bash

chmod 644 /path/to/file

This sets owner to read-write (6), group to read (4), others to read (4).

4Verify file ownership matches the Terraform user

Check if the file owner matches the user running Terraform:

bash

ls -l /path/to/file | awk '{print $3}'

If the owner differs from the Terraform user, change ownership:

bash

sudo chown $USER /path/to/file

Or if the file should be group-readable:

bash

sudo chown $USER:$GROUP /path/to/file
chmod 640 /path/to/file

5For local_file resources with restrictive permissions

If using local_file resource with write-only permissions (file_permission = '0200'), Terraform cannot read it on subsequent runs. Change to readable permissions:

hcl

resource "local_file" "example" {
  content  = "Hello World"
  filename = "./hello.txt"
  file_permission = "0644"  # Changed from 0200
}

Then re-run Terraform:

bash

terraform apply

6For provider binary permission issues

If Terraform cannot load a provider binary, ensure it has execute permissions:

bash

chmod +x ~/.terraform.d/plugins/provider-binary

Alternatively, reinstall the provider:

bash

rm -rf .terraform
terraform init

This removes the local provider cache and downloads fresh binaries with correct permissions.

7Verify with Terraform plan

After adjusting permissions, run terraform plan to verify the issue is resolved:

bash

terraform plan

If the error persists, check the error message again for the specific file path and repeat steps 1-3 for that file. Run terraform refresh if the plan succeeds but the issue still occurs:

bash

terraform refresh

How to fix Error reading file: permission denied in Terraform

What this error means

Typical symptoms

Common causes

How to fix "Error reading file: permission denied"

Advanced notes

Related errors

Official resources & further reading