Quick Answer
# Most common fix: regenerate lock file
rm .terraform.lock.hcl
terraform init
# If version constraints conflict
terraform init -upgrade
The Error
Error: Failed to install providers
Could not install hashicorp/aws v5.80.0: the current package for
registry.terraform.io/hashicorp/aws 5.80.0 doesn't match any of the
checksums previously recorded in the dependency lock file.
Or:
Error: Failed to query available provider packages
Could not retrieve the list of available versions for provider
hashicorp/aws: locked provider registry.terraform.io/hashicorp/aws
5.60.0 does not match configured version constraint ~> 5.80.
Or:
Error: Incompatible provider version
Provider registry.terraform.io/hashicorp/aws v5.80.0 does not have a
package available for your current platform, linux_arm64.
What Causes This
- Lock file mismatch —
.terraform.lock.hclwas generated on a different platform (Mac vs Linux) - Version constraint conflict — lock file pins v5.60 but code requires
~> 5.80 - Platform mismatch — provider doesn’t have a build for your OS/arch
- Registry unreachable — can’t download providers (see Registry Not Reachable)
- Corrupted cache —
.terraform/providers/has broken files
Solution 1: Regenerate Lock File
rm .terraform.lock.hcl
terraform init
For cross-platform teams (Mac + Linux CI), generate hashes for all platforms:
terraform providers lock \
-platform=linux_amd64 \
-platform=darwin_amd64 \
-platform=darwin_arm64
# Commit the updated lock file
git add .terraform.lock.hcl
git commit -m "chore: update provider lock file for all platforms"
Solution 2: Upgrade Providers
When version constraints changed:
# Upgrade to latest matching version
terraform init -upgrade
This regenerates the lock file with the latest versions that match your constraints.
Solution 3: Fix Version Constraints
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0" # Allows 5.x (flexible)
# version = "= 5.80.0" # Exact pin (breaks often)
# version = ">= 5.0, < 6.0" # Range
}
}
}
Best practice: Use ~> (pessimistic constraint) for minor version flexibility:
| Constraint | Allows |
|---|---|
~> 5.0 | 5.0 through 5.x (not 6.0) |
~> 5.80 | 5.80 through 5.x (not 6.0) |
~> 5.80.0 | 5.80.0 through 5.80.x (not 5.81) |
>= 5.0 | 5.0 and above (dangerous — allows 6.0) |
Solution 4: Clean Cache and Reinitialize
rm -rf .terraform
rm .terraform.lock.hcl
terraform init
Solution 5: Platform-Specific Provider (ARM/Alpine)
Some providers don’t have ARM64 or Alpine Linux builds:
# Check available platforms
terraform providers lock -platform=linux_arm64 2>&1
Workaround: build from source or use an x86 runner.
Solution 6: Air-Gapped / Offline Install
# On a connected machine, download providers
terraform providers mirror /tmp/providers
# Copy to air-gapped machine, then:
terraform init -plugin-dir=/opt/terraform/providers
Or configure in ~/.terraformrc:
provider_installation {
filesystem_mirror {
path = "/opt/terraform/providers"
}
direct {
exclude = ["registry.terraform.io/*/*"]
}
}
CI/CD Lock File Workflow
# GitLab CI — always verify lock file
validate:
script:
- terraform init
- terraform providers lock -platform=linux_amd64 -platform=darwin_arm64
- |
if ! git diff --exit-code .terraform.lock.hcl; then
echo "ERROR: Lock file is out of date. Run 'terraform providers lock' locally and commit."
exit 1
fi
Hands-On Courses
- Terraform for Beginners on CopyPasteLearn
- Terraform By Example — practical code examples
Conclusion
Provider install failures usually come from lock file mismatches. Delete .terraform.lock.hcl and run terraform init to regenerate it. For cross-platform teams, run terraform providers lock with all target platforms and commit the lock file. Use ~> 5.0 version constraints for flexibility and terraform init -upgrade when you need newer versions.