Vault Provider fails in TF plan

While we are working on a Vault installation from a Helm chart in Terraform, there are two major issues which we have faced.

  1. Vault Provider fails in terraform plan since it expects the Vault root token to be available, which will become available once Helm is deployed. How can we tackle this problem in a single Terraform run, as we don’t want to run with target?
  2. After the Vault Helm deployment we have to run the operator init command. Is there a logic/method we can use to avoid using a null resource, in which we have to unnecessarily create a local file and pass the token to the Vault provider?

Point 1:

Terraform doesn’t support providers being configured with data that only becomes available after apply.

In a situation like this, you split up your Terraform configuration into one configuration that works with Helm/Kubernetes, and one which works with the Vault API, and run them in sequence.

Point 2:

Since you need to split up your configuration anyway, you can handle the Vault initialisation using non-Terraform logic between the two Terraform runs.
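
The sequence described in this answer, as an added example that is not part of the original thread: a wrapper script that applies the Helm configuration, initialises and unseals Vault outside Terraform, then applies the Vault configuration with the token passed through the environment instead of a local file. The directory names `platform/` and `vault-config/`, the namespace `vault`, the pod name `vault-0` and the 5/3 key split are assumptions.

```sh
#!/bin/sh
# Added example: two Terraform runs with Vault initialisation in between.
# Assumed, not from the thread: directories platform/ and vault-config/,
# namespace "vault", pod "vault-0", and a VAULT_ADDR reachable from this host.
set -eu
NS="${NS:-vault}"
POD="${POD:-vault-0}"

# Constructed sample of `vault operator init -format=json` output (not real keys).
SAMPLE_INIT='{"unseal_keys_b64":["a2V5MQ==","a2V5Mg=="],"root_token":"hvs.CONSTRUCTED"}'

# Read init JSON on stdin, print the root token.
root_token() {
  tr -d '\n ' | sed -n 's/.*"root_token":"\([^"]*\)".*/\1/p'
}

# Read init JSON on stdin, print one base64 unseal key per line.
unseal_keys() {
  tr -d '\n ' | sed -n 's/.*"unseal_keys_b64":\[\([^]]*\)\].*/\1/p' |
    tr ',' '\n' | tr -d '"' | grep .
}

main() {
  : "${VAULT_ADDR:?set VAULT_ADDR to the address Terraform will use}"
  # Run 1: Helm/Kubernetes only. No Vault provider is configured here.
  terraform -chdir=platform init -input=false
  terraform -chdir=platform apply -input=false -auto-approve
  # An uninitialised, sealed Vault may not report Ready, so wait for Running.
  kubectl -n "$NS" wait --for=jsonpath='{.status.phase}'=Running "pod/$POD" --timeout=300s

  # Non-Terraform step: initialise once and keep the output in memory only.
  init_json=$(kubectl -n "$NS" exec "$POD" -- vault operator init \
    -key-shares=5 -key-threshold=3 -format=json)
  # Hand $init_json to your secret store here; it is the only copy of the keys.
  printf '%s' "$init_json" | unseal_keys | head -n 3 | while read -r key; do
    kubectl -n "$NS" exec "$POD" -- vault operator unseal "$key" </dev/null >/dev/null
  done

  # Run 2: the Vault provider reads VAULT_ADDR and VAULT_TOKEN from the environment.
  VAULT_TOKEN=$(printf '%s' "$init_json" | root_token)
  export VAULT_ADDR VAULT_TOKEN
  terraform -chdir=vault-config init -input=false
  terraform -chdir=vault-config apply -input=false -auto-approve
}

if [ "${1:-}" = "apply" ]; then main; fi
```

Run it with the `apply` argument. `vault operator init` succeeds only on an uninitialised Vault, so later runs need a token from wherever the init output was stored.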