Best practices to declare a third-party provider only required by a child-module

I’m struggling to find some logic behind what’s specified in the documentation.

According to the docs, providers should never be declared in module that will be used by other modules, that is, a child module.

However, if I have a provider which only applies to the child module, wouldn’t that make sense to add it in the child module? Specifically, if it’s a third-party provider not related to any “deployment configuration”. For example, “gavinbunney/kubectl”.

Otherwise, I need to define the provider in the root module, add the provider in the required_providers section of the root module, and also, add the provider in the required providers section of the child module, making the information kind of redundant.

You can define a provider in a child module, but the reason it’s discouraged is because it comes with limitations:

  • It then becomes problematic to ever remove the child module in the future, since just removing it would remove the definition of the provider, which is needed to destroy the resources it previously created.

  • Providers in child modules are incompatible with for_each, count or depends_on being used in the module block.

Provider configuration is usually about fitting in to your overall external environment. Therefore, having a module which says “to use this module you need to define a provider of type X” is usually not a big imposition in practice. Even if you were to have the child module define the provider, it would usually then be necessary for the child module to take input variables to specify how the internal provider should be configured - effectively just moving the configuration burden from one block to another.