Terraform Workspaces vs Separate Directories: Which is Better for Dev/Prod?
Terraform Workspaces vs Separate Directories: Which is Better for Dev/Prod?
Managing multiple environments like Dev, Staging, and Production is one of the most common Terraform challenges. You have two main approaches: Workspaces and Separate Directories. Here is how they differ and when to use each.
Terraform Workspaces
Workspaces allow multiple state files within the same backend configuration.
# Create and switch to a dev workspace
terraform workspace new dev
terraform workspace select dev
# Create a prod workspace
terraform workspace new prod
terraform workspace select prod
# Reference workspace in config
resource "aws_instance" "web" {
instance_type = terraform.workspace == "prod" ? "t3.large" : "t2.micro"
ami = "ami-0c55b159cbfafe1f0"
}
All workspaces share the same backend and the same .tf files. The only difference is the state file path.
Problems with Workspaces for Prod/Dev Isolation
- A
terraform applyin the wrong workspace can affect the wrong environment. - All environments share the same backend — no true isolation.
- Config differences between environments bloat the code with conditionals.
- Not recommended by HashiCorp for strong environment isolation.
Separate Directories (Recommended)
infrastructure/
├── environments/
│ ├── dev/
│ │ ├── main.tf
│ │ ├── variables.tf
│ │ └── backend.tf # Points to dev S3 bucket
│ ├── staging/
│ │ ├── main.tf
│ │ ├── variables.tf
│ │ └── backend.tf # Points to staging S3 bucket
│ └── prod/
│ ├── main.tf
│ ├── variables.tf
│ └── backend.tf # Points to prod S3 bucket
└── modules/
├── networking/
└── compute/
Each environment has its own backend, state file, and configuration. Shared logic lives in reusable modules.
Comparison Table
| Feature | Workspaces | Separate Directories |
|---|---|---|
| State isolation | Partial (same backend) | Full (separate backends) |
| Accidental prod changes | Higher risk | Lower risk |
| Config differences | Managed via conditionals | Separate var files |
| Recommended for Prod | No | Yes |
| Good for | Testing, temporary envs | Long-lived environments |
Key Takeaway
Use separate directories with separate backends for long-lived environments like Dev and Prod. Use workspaces only for short-lived or experimental environments where strong isolation is not needed.
(Visited 1 times, 1 visits today)
