diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 1e26169..0ec24be 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -152,8 +152,18 @@ On the host, # [integration tests](workflows/integration-tests.yml) in GitHub Actions -1. if the team API token of HCP Terraform in -the repository secret `HCP_TERRAFORM_TEAM_TOKEN` -is expired, regenerate a token and set it. -1. open a pull request -1. check the GitHub Actions workflows +1. [set a repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) + +| name | value | +| ---- | ----- | +| `HCP_TERRAFORM_TEAM_TOKEN` | HCP Terraform team API token | + +2. [set a repository variable](https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#creating-configuration-variables-for-a-repository) + +| name | value | +| ---- | ----- | +| `TEST_TERRAFORM_ORGANIZATION` | terraform organization name | +| `TEST_TERRAFORM_WORKSPACE` | terraform workspace name | + +3. open a pull request +4. check the GitHub Actions workflows diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index f23fcf2..0a02e3c 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml 
@@ -1,42 +1,17 @@ name: integration tests on: pull_request: -env: - SSH_USER: ubuntu jobs: - cue: - if: ${{ endsWith(github.repository, '-dev') }} - runs-on: ubuntu-24.04 - timeout-minutes: 2 - - steps: - - uses: actions/checkout@v6 - - - uses: ./.github/actions/cue - with: - data-file: terraform/tests/config-empty.yml - schema-file: config.cue - - - uses: ./.github/actions/cue - with: - data-file: terraform/tests/config-aws.yml - schema-file: config.cue - - - uses: ./.github/actions/cue - with: - data-file: terraform/tests/config-gc.yml - schema-file: config.cue - empty: - needs: - - cue + if: ${{ endsWith(github.repository, '-dev') }} runs-on: ubuntu-24.04 timeout-minutes: 3 defaults: run: working-directory: terraform env: + SSH_USER: ubuntu CONFIG: tests/config-empty.yml PLAN_RESOURCES_JSON_PATH: /tmp/empty_plan_resources.json APPLY_OUTPUT_JSON_PATH: /tmp/empty_apply_output.json @@ -44,6 +19,20 @@ jobs: steps: - uses: actions/checkout@v6 + - run: > + cat tests/config-empty.tpl.yml + | sed "s/\${TERRAFORM_ORGANIZATION}/${ORGANIZATION}/" + | sed "s/\${TERRAFORM_WORKSPACE}/${WORKSPACE}/" + > tests/config-empty.yml + env: + ORGANIZATION: '${{ vars.TEST_TERRAFORM_ORGANIZATION }}' + WORKSPACE: '${{ vars.TEST_TERRAFORM_WORKSPACE }}' + + - uses: ./.github/actions/cue + with: + data-file: terraform/tests/config-empty.yml + schema-file: config.cue + - name: set up terraform uses: hashicorp/setup-terraform@v4 with: diff --git a/README.md b/README.md index f819c1e..f22468e 100644 --- a/README.md +++ b/README.md 
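Review bot: No `permissions:` key is visible between `on:` and `jobs:` in the first hunk of .github/workflows/integration-tests.yml, so the `GITHUB_TOKEN` in the `empty` job gets whatever default scope the repository is configured with. This job presumably runs with the `HCP_TERRAFORM_TEAM_TOKEN` secret described in CONTRIBUTING.md and, from what is shown, only needs to check out code, so I would add a top-level `permissions:` block with `contents: read`. One new-side line between this hunk and the next is not shown, so confirm nothing there already sets it.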
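Review bot: The new `run: >` step in the second hunk of integration-tests.yml splices `${ORGANIZATION}` and `${WORKSPACE}` into the sed replacement text, so a value containing `/`, `&` or `\` either breaks the substitution or is rewritten instead of copied. The step sets no `shell:`, and the runner's default bash invocation does not enable `pipefail`, so a failing `cat` or first `sed` still exits 0 and leaves a truncated `tests/config-empty.yml`. Passing the values through `env:` rather than inlining `${{ vars.* }}` in the script is right and should stay. I would drop the pipeline by naming the env entries `TERRAFORM_ORGANIZATION` and `TERRAFORM_WORKSPACE` and running `envsubst '${TERRAFORM_ORGANIZATION} ${TERRAFORM_WORKSPACE}' < tests/config-empty.tpl.yml > tests/config-empty.yml`, assuming `envsubst` is present on the runner image. The cue validation that follows catches an unset repository variable only if the schema rejects a null name, so an explicit non-empty check on both values in this step would fail earlier and with a clearer message.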
@@ -99,14 +99,21 @@ sequenceDiagram [Use the template feature](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-repository-from-a-template). ## initialize the project -### 1. allow HCP Terraform to access the cloud services -#### 1.1. set up HCP Terraform +### 1. set up HCP Terraform + +1. [create an organization](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/organizations#create-an-organization) +1. [create a workspace](https://developer.hashicorp.com/terraform/cloud-docs/workspaces/create) in the CLI-driven workflow + +### 2. set up Google Cloud -1. [create an organization](https://www.terraform.io/cloud-docs/users-teams-organizations/organizations#creating-organizations) -1. [create a workspace](https://www.terraform.io/cloud-docs/workspaces/creating) +1. [create a project](https://developers.google.com/workspace/guides/create-project) if you deploy servers to Google Cloud + +## set up access + +### 1. allow HCP Terraform to access the cloud services -#### 1.2. set up OIDC integration +#### 1.1. set up OIDC integration ##### AWS @@ -116,7 +123,7 @@ see https://developer.hashicorp.com/terraform/cloud-docs/dynamic-provider-creden see https://developer.hashicorp.com/terraform/cloud-docs/dynamic-provider-credentials/gcp-configuration -#### 1.3. [set workspace-specific variables](https://www.terraform.io/cloud-docs/workspaces/variables/managing-variables#workspace-specific-variables) as follows +#### 1.2. [set workspace-specific variables](https://www.terraform.io/cloud-docs/workspaces/variables/managing-variables#workspace-specific-variables) as follows > [!NOTE] > replace `****` with your values diff --git a/terraform/tests/config-aws.yml b/terraform/tests/config-aws.yml deleted file mode 100644 index 83dd13f..0000000 --- a/terraform/tests/config-aws.yml +++ /dev/null 
@@ -1,18 +0,0 @@ -terraform_cloud: - organization: - name: organization_84380 - workspace: integration_tests -servers: - blue: - provider: aws - aws: - region: ap-northeast-1 - compute: lightsail - lightsail: - availability_zone: a - blueprint_id: ubuntu_24_04 - bundle_id: nano_3_0 - applications: - - openvpn - clients: - - client0 diff --git a/terraform/tests/config-empty.tpl.yml b/terraform/tests/config-empty.tpl.yml new file mode 100644 index 0000000..5c29c8c --- /dev/null +++ b/terraform/tests/config-empty.tpl.yml @@ -0,0 +1,5 @@ +terraform_cloud: + organization: + name: ${TERRAFORM_ORGANIZATION} + workspace: ${TERRAFORM_WORKSPACE} +servers: diff --git a/terraform/tests/config-empty.yml b/terraform/tests/config-empty.yml deleted file mode 100644 index d2479b6..0000000 --- a/terraform/tests/config-empty.yml +++ /dev/null @@ -1,5 +0,0 @@ -terraform_cloud: - organization: - name: organization_84380 - workspace: integration_tests -servers: diff --git a/terraform/tests/config-gc.yml b/terraform/tests/config-gc.yml deleted file mode 100644 index 74d5a09..0000000 --- a/terraform/tests/config-gc.yml +++ /dev/null @@ -1,24 +0,0 @@ -terraform_cloud: - organization: - name: organization_84380 - workspace: integration_tests -google_cloud: - project_id: tidy-interface-339810 -servers: - green: - provider: gc - gc: - compute: gce - gce: - region: us-west1 - zone: b - machine_type: e2-micro - image: - project: ubuntu-os-cloud - family: ubuntu-2204-lts - enable_ipv6: true - applications: - - openvpn - clients: - - client1 - - client2
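Review bot: In the new terraform/tests/config-empty.tpl.yml the placeholders are plain scalars (`name: ${TERRAFORM_ORGANIZATION}`, `workspace: ${TERRAFORM_WORKSPACE}`), so the YAML parser decides the type of the rendered value: an unset variable renders as null, and a name that is all digits or reads like a boolean stops being a string. Quoting them in the template, `name: '${TERRAFORM_ORGANIZATION}'` and `workspace: '${TERRAFORM_WORKSPACE}'`, keeps the rendered value a string in those cases. A short comment at the top of the template, saying it is rendered by the integration-tests workflow from the `TEST_TERRAFORM_ORGANIZATION` and `TEST_TERRAFORM_WORKSPACE` repository variables, would also help the next reader. If `tests/config-empty.yml` is also rendered for local runs, it likely wants a `.gitignore` entry so a real organization name is not committed again.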