### Terraform Version ```shell Terraform v1.3.1 on linux_amd64 + provider registry.terraform.io/hashicorp/aws v3.75.2 + provider registry.terraform.io/hashicorp/external v2.2.2 + provider registry.terraform.io/hashicorp/kubernetes v2.11.0 + provider registry.terraform.io/hashicorp/template v2.2.0 ``` ### Terraform Configuration Files ```terraform # This secret is used to persist the Vault root token, since there's otherwise # no place that it is persistently available. resource "aws_secretsmanager_secret" "root_token" { name = "vault-root-token" } data "external" "vault_init" { # Vault must be up before we can init it. depends_on = [kubernetes_deployment.vault] program = ["init_vault.sh", "-"] query = { # redacted root_token_secret_arn = aws_secretsmanager_secret.root_token.arn, } } ``` When this module has not been applied (so `kubernetes_deployment.vault` has not been created), import of `aws_secretsmanager_secret.root_token` still tries to evaluate this data source, and fails because the external data source script expects Vault to actually exist. ### Debug Output Not available. Contains many details we don't want to disclose. ### Expected Behavior `terraform import` should not try to evaluate data sources that have unmet dependencies. In previous versions, it did not evaluate data sources at all. ### Actual Behavior `terraform import` evaluates a data source that `depends_on` a resource that doesn't exist yet. ### Steps to Reproduce 1. `terraform import` a resource that triggers evaluation of a data source (unclear to me when this happens, as it never happened before). 2. Have the triggered data source depend on a resource that doesn't exist yet. ### Additional Context _No response_ ### References _No response_