This article details how to capture debug logs within Terraform for troubleshooting issues related to the Okta Terraform Provider. When reviewing issues with the Okta Terraform Provider, it may require providing debug logs that show the specific events and API calls being made to Okta.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Okta Terraform Provider

In order to log and capture debug logs, it is required to add the following commands in front of the terraform command:

TF_LOG=debug TF_LOG_PATH="<FILENAME>"

Using this command, <FILENAME> would be replaced with the file where the logs should be located. If there is an existing file, the logs will be appended to the file. 

Below is an example of how to use this with terraform commands.

TF_LOG=debug TF_LOG_PATH="terraform.txt" terraform plan
TF_LOG=debug TF_LOG_PATH="terraform.txt" terraform apply

Running both of these commands will result in the file terraform.txt, including the debug logs for the terraform plan command followed by the debug logs for the terraform apply commands.

NOTE: Terraform debug logs will contain sensitive information such as API (SSWS) tokens or access tokens. Please redact this information before attaching it to the case. 

Once this is captured, the file can be attached to the case by uploading it to the Okta Support Portal.