Quick Answer
# The region in your backend config must match where the S3 bucket actually is
terraform {
backend "s3" {
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "eu-west-1" # ← Must match actual bucket region
}
}
The Error
Error: Failed to get existing workspaces: S3 operation error:
BucketRegionError: incorrect region, the bucket is not in 'us-east-1' region
Error: Error configuring the backend "s3": requesting bucket region:
head bucket error: https response error StatusCode: 301
Or:
Error: error using credentials to get account ID: error calling sts:GetCallerIdentity:
signed for us-east-1, bucket is in eu-west-1
What Causes This
The region in your S3 backend config doesn’t match the actual region where the S3 bucket was created.
# Your config says us-east-1
backend "s3" {
bucket = "my-terraform-state"
region = "us-east-1" # ← Config says us-east-1
}
# But the bucket is actually in eu-west-1 → ERROR
Solution 1: Find the Actual Bucket Region
# Find where the bucket actually is
aws s3api get-bucket-location --bucket my-terraform-state
{
"LocationConstraint": "eu-west-1"
}
Note: null or empty means us-east-1 (the default region returns null).
Then update your backend config:
terraform {
backend "s3" {
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "eu-west-1" # ← Match the actual location
}
}
terraform init -reconfigure
Solution 2: Partial Backend Config
If you use -backend-config:
# Ensure region matches
terraform init \
-backend-config="bucket=my-terraform-state" \
-backend-config="key=prod/terraform.tfstate" \
-backend-config="region=eu-west-1"
Or in a file:
# backend-prod.hcl
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "eu-west-1"
dynamodb_table = "terraform-locks"
terraform init -backend-config=backend-prod.hcl
Solution 3: Create Bucket in the Correct Region
If you haven’t stored state yet, create the bucket in your desired region:
# Create bucket in us-east-1
aws s3api create-bucket \
--bucket my-terraform-state \
--region us-east-1
# Create bucket in other regions (needs LocationConstraint)
aws s3api create-bucket \
--bucket my-terraform-state \
--region eu-west-1 \
--create-bucket-configuration LocationConstraint=eu-west-1
Then match the region in config:
terraform {
backend "s3" {
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "eu-west-1"
}
}
Backend Region vs Provider Region
These are different:
# Where STATE is stored
terraform {
backend "s3" {
bucket = "my-terraform-state"
region = "us-east-1" # ← State bucket region
}
}
# Where RESOURCES are created
provider "aws" {
region = "eu-west-1" # ← Resource region
}
The backend region is where your state file lives. The provider region is where your infrastructure is created. They don’t have to match.
Common Mistakes
# ❌ Using provider region for backend (they can differ)
provider "aws" { region = "eu-west-1" }
backend "s3" { region = "eu-west-1" } # Only correct if bucket is in eu-west-1
# ❌ Missing region entirely
backend "s3" {
bucket = "my-state"
key = "terraform.tfstate"
# No region! Defaults to us-east-1
}
# ❌ Using AWS_DEFAULT_REGION for backend
# Backend region must be explicit — it doesn't use AWS_DEFAULT_REGION
Multi-Region State Pattern
# State in one central region, resources in multiple regions
terraform {
backend "s3" {
bucket = "company-terraform-state"
key = "us-east/prod/terraform.tfstate"
region = "us-east-1" # State always in us-east-1
}
}
provider "aws" {
alias = "us_east"
region = "us-east-1"
}
provider "aws" {
alias = "eu_west"
region = "eu-west-1"
}
Hands-On Courses
- Terraform for Beginners on CopyPasteLearn
- Terraform By Example — practical code examples
Conclusion
S3 backend region mismatch means your region config doesn’t match where the bucket actually is. Find the real location with aws s3api get-bucket-location, update the backend config, and run terraform init -reconfigure. The backend region (where state lives) and provider region (where resources are created) are independent.
