Okta provider should be initialized only if at least one resource defined in plan/state (lazy init)

[edrumh]

We have a scenario where we only configure Okta resources if var.enable_okta_setup is true. Even if no resources are to be created in the plan/state the okta provider is still initialized and complains about the api_token. The desired functionality would be that the okta provider doesn't initialize if no resources are created in plan/state.

provider "okta" {
  org_name  = var.okta_org_name
  base_url  = var.okta_base_url
  api_token = var.enable_okta_setup ? jsondecode(data.aws_secretsmanager_secret_version.okta[0].secret_string)["token"] : ""
}

│ Error: [ERROR] invalid configuration: your Okta API token is missing. You can generate one in the Okta Developer Console. Follow these instructions: https://bit.ly/get-okta-api-token
│
│   with provider["registry.terraform.io/okta/okta"],
│   on providers.tf line 63, in provider "okta":
│   63: provider "okta" {
│

[monde]

Agreed @edrumh , the provider should do a lazy init per your use case. We need to look into how to implement this, I'm not entirely sure that we can inspect the config to know if any of our resources have been defined before the provider itself goes through it set up of our SDK client.

Okta internal reference: https://oktainc.atlassian.net/browse/OKTA-611099

[monde]

@MaxymVlasov described his use case lazy init in duplicate #1564

[github-actions[bot]]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

[MaxymVlasov]

Unstale