No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<@UHTP242EB> any advice here ?

Can we create and then update a `Resource` in a single Pulumi template ?

<@UL49Z5Q12> I'm really interested on the answer to your question. If you find a solution, please, let us know.

<@UKY00FQKS> I'm still working on it but the solution we've found is to create another `Resource` via a Dynamic Provider that merely performs step 3 (validation of the SAML)

It's a similar process as the one used by Terraform &amp; Pulumi for AWS ACM CertificateValidation

The `Resource` just finds the SAML App by its ID and updates it with the metadata obtained in step 2 : it does not actually provision anything and does not have a `delete` method

I'll try it and give you feedback. By now, I set those steps as "manual" (yes, it also sounds terrible to me) and I'm working on other steps of the Pulumi deployment.

BTW if you problem is specific to Okta, there's an alternative method:
<https://controltower.aws-management.tools/infrastructure/sso/okta_sso/>