Yes, this is possible I think, and the modification that I think might go in before the provider is officially released.
Right now the polling for commit verification is in the Read stage of the provider. If that is also moved into the Create and Update steps, then the resource ensures that the commit must succeed or else the resource will error out. Then, when specifying the rulestack in the cloudngfwaws_ngfw resource, you reference the rulestack from the cloudngfwaws_commit_rulestack resource to create the dependency.
You'll still need two terraform directories, I think... Otherwise users will need to manually build up an explicit depends_on and put that inside the cloudngfwaws_commit_rulestack definition, and that won't get fun once there's even a couple hundred resources per rulestack, much less thousands.
... View more