Is it possible to make a provisioner block optional?

I have a Terraform module for configuring Google Cloud instances that used to just configure Linux hosts, but now I need to setup a Windows host. The issue with that is that I can’t use provisioner block for that because it doesn’t support RDP or anything else that Windows could use.

The google_compute_instance resource allows for setting of metadata.sysprep-specialize-script-ps1 to provide a PowerShell script for setup. But if I do that the provisioner used for Linux hosts still tries to run and fails with a timeout due to lack of SSH.

Is there a way to make the provisioner block optional depending on a variable?

I saw there’s a when clause, but it seems like the only valid values are create and destroy.

I thought I could hack this using the dynamic block like so:

  provisioner "ansible" {
    dynamic "plays" {
      for_each = var.ps_setup_script == "" ? [1] : []
      content {
        playbook {
          file_path = "${path.cwd}/ansible/bootstrap.yml"

But to my surprise that caused a segfault:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0xdc8327]

So that’s not gonna work.

It seems like the only solution is to fork the module just to remove the provisioner block.