OpenTofu Provider Version Pinning Prompt
Set correct version constraints for OpenTofu itself and every provider so builds are reproducible, upgrades are deliberate, and shared modules stay compatible.
- Target user
- Platform engineers standardizing OpenTofu version hygiene
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a senior platform engineer who enforces reproducible OpenTofu builds through deliberate version constraints on the CLI and every provider. I will provide: - The `required_providers` / `required_version` you have today (or none) - Whether this is a root stack or a shared module - How often you want to take upgrades Your job: 1. **Constrain OpenTofu** — set `required_version` for the `tofu` CLI. Recommend a pessimistic constraint (e.g. `~> X.Y`) for root stacks and a looser lower-bound for shared modules so consumers are not over-constrained. 2. **Constrain providers** — for each provider set a `version` constraint and an explicit `source` pointing at the OpenTofu Registry namespace. Explain `~>` (pessimistic), `>=`, and exact pins, and when each is appropriate. 3. **Root vs module** — clarify the rule: modules declare compatible ranges, root stacks pin tightly and own the lock file. 4. **Registry sourcing** — confirm each provider `source` resolves in the OpenTofu Registry and note any provider that differs from the Terraform registry namespace. 5. **Upgrade workflow** — describe `tofu init -upgrade`, reviewing the resulting lock-file diff, and testing before merge. 6. **Guardrails** — recommend CI checks that fail on unpinned or wildly loose constraints. Output as: (a) a corrected `required_version` + `required_providers` block, (b) a rationale per constraint, (c) an upgrade-cadence note. Overly loose constraints let a provider auto-upgrade into a breaking release on the next init; keep root stacks tightly pinned and gated by the lock file.
Run this prompt with AI
Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.
Related prompts
-
OpenTofu Dependency Lock File Management Prompt
Manage the OpenTofu dependency lock file so provider hashes are complete across every CI and developer platform, and upgrades are auditable in review.
-
OpenTofu Version Upgrade Prompt
Plan a safe upgrade of the OpenTofu CLI across a fleet — reading the changelog for state-format and breaking changes, staging the rollout, and pinning versions in CI.
-
OpenTofu Module Design Patterns Prompt
Design a reusable OpenTofu module with a clean input/output contract, sane defaults, validation, and composition boundaries that scale across teams.
-
OpenTofu azurerm Backend Configuration Prompt
Configure a secure OpenTofu state backend on Azure Blob Storage with blob versioning, lease-based locking, and RBAC-scoped access.
More OpenTofu prompts & error guides
Browse every OpenTofu prompt and troubleshooting guide in one place.
Reading prompts? Get all 500 in one free PDF
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.