Unknown encryption key provider

Detects non-existing encryption key providers references in OpenTofu encryption block configuration. E.g.for the code

    terraform {
      encryption {
        key_provider "pbkdf2" "foo" {
          # Configuration parameters
        }
        method "aes_gcm" "yourname" {
          keys = key_provider.pbkdf2.unknown
        }
        method "aes_gcm" "yourname2" {
          keys = key_provider.pbkdf2.foo
        }
      }
    }
  

we should check if the key provider reference is correct. In this case, unknown reference should be highlighted.

See https://opentofu.org/docs/language/state/encryption/#methods for more information.

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

OpenTofuUnknownKeyProvider

Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | OpenTofu

Suppressing Inspection

You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:

//noinspection OpenTofuUnknownKeyProvider

More detailed instructions as well as other ways and options that you have can be found in the product documentation:

IntelliJ IDEA 2025.2

Inspection Details
By default bundled with:	IntelliJ IDEA 2025.2, Qodana for JVM 2025.2,

Last modified: 18 September 2025