A Practical Guide to Troubleshooting Git Push Errors in Terraform Projects

Source: Dev.to

Introduction

While working on a Terraform project, I ran into several Git push errors that initially felt confusing and frustrating. Each error turned out to be a valuable learning moment. This article documents those issues step‑by‑step, explains why they happen, and shows how to fix them correctly.

If you’re learning Terraform, DevOps, or Infrastructure as Code, chances are you’ll encounter these same problems.

1️⃣ GitHub Rejects Large Files (>100 MB)

Error

File .terraform/...terraform-provider-aws is larger than 100 MB

Why this happens

The .terraform/ directory was committed. It contains Terraform provider binaries, which can be hundreds of megabytes in size and should never be version‑controlled.

Correct fix

Add the following entries to .gitignore:

.terraform/
*.tfstate
*.tfstate.backup

If the large files are already in the repository history, the cleanest approach for new projects is to re‑initialize the repository:

rm -rf .git
git init
git add .
git commit -m ""

(For existing repositories you can also use git filter-repo or git filter-branch to purge the files from history.)

2️⃣ GitHub Push Protection Blocks Secrets

Error

Push cannot contain secrets (AWS Access Key detected)

Why this happens

AWS credentials were hard‑coded inside provider.tf. GitHub automatically scans commits for secrets and blocks pushes to prevent credential leaks.

What not to do

provider "aws" {
  access_key = "AKIA..."
  secret_key = "xxxx"
}

Correct approach

Configure the provider without embedding credentials:

provider "aws" {
  region = "us-east-1"
}

Store credentials securely, for example:

• aws configure (writes to ~/.aws/credentials)
• Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, etc.)
• IAM roles (recommended for EC2, CloudShell, CI/CD pipelines)

⚠️ If credentials were ever committed, rotate them immediately, even if the push was blocked.