The Bytebase Provider itself is free to use. Some advanced resource operations require Pro or Enterprise Plan.Bytebase Terraform Provider handles control plane configuration such as settings, policies, access controls.
It does not handle data plane operations such as database creation, schema migrations, DML execution, query.
Create Service Account
The Terraform Provider uses service account to call the Bytebase API to manage the resources and settings. After creating the service account with theWorkspace Admin role, you can copy the service key as service_key and the email as service_account to initialize the Terraform provider in the next step.
Optional: Separate Accounts for Plan and Apply
If you prefer to use different service accounts forterraform plan and terraform apply, you can:
-
For
terraform apply: Assign theWorkspace Adminrole. -
For
terraform plan: Create a custom role with only read permissions under IAM & Admin > Custom Roles, then assign it to the plan-only service account.
- All
.listand.getpermissions bb.databases.exportbb.databases.querybb.databases.getSchemabb.databases.getSecretsbb.auditLogs.exportbb.auditLogs.searchbb.issues.subscribebb.projects.getIamPolicy
Tutorials
Resources Access Control Workspace SettingsTroubleshoot
status: 404
This often happens when someone deletes the resources from the Bytebase UI and then attempts to runterraform apply.
To recover, please run terraform refresh to refresh the state first.
