The S3 bucket was created already with only the role having access to it. My AWS user that I use for Terraform doesn’t have permission to S3 at all.
Now is this a chicken-and-egg problem that I get a “permission denied” warning when initialising Terraform because the “assume_role” part comes after that?
The mentioned key there was not created yet if that matters.
It may seem odd from a user perspective, but Terraform itself (that talks to S3 to store state) and terraform-provider-aws (that manages your infrastructure) are completely separate programs with their own pieces of configuration.
You have configured one of them to assume a role but not the other.
If I understand correctly, I need to configure “assume_role” for the bucket as well?
With this, I get another error (tried that yesterday already) saying:
“Error: error configuring S3 Backend: IAM Role (arn:aws:iam::XXXXXXXXXX:role/tfrole) cannot be assumed.”
EDIT: I am using different profiles, if that matters, and I read somewhere that, without using “default” credentials, we might end up with this issue here.
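To illustrate the point made in the reply above about two separate configurations, here is an added example (not from any post in this thread) with the role configured in both the S3 backend and the AWS provider. It assumes Terraform 1.6 or later for the nested backend `assume_role` block; the bucket, key, region and profile name are placeholders, and the role ARN is the redacted one from the error message.

```hcl
terraform {
  # Read by Terraform core during `terraform init`, before any provider runs.
  # Backend blocks cannot reference variables or locals, so values are literal.
  backend "s3" {
    bucket = "example-tfstate-bucket"    # placeholder
    key    = "example/terraform.tfstate" # placeholder; the object is created on first state write
    region = "eu-west-1"                 # placeholder

    # Named profile whose credentials are used to call sts:AssumeRole.
    # The backend does not inherit this from the provider block.
    profile = "tf-user" # placeholder

    # State access goes through the role, so the base user needs no S3 permissions.
    assume_role {
      role_arn = "arn:aws:iam::XXXXXXXXXX:role/tfrole"
    }
    # Terraform releases before 1.6 take a top-level argument instead:
    # role_arn = "arn:aws:iam::XXXXXXXXXX:role/tfrole"
  }
}

# Read by terraform-provider-aws when it manages infrastructure.
# Configured independently of the backend above.
provider "aws" {
  region  = "eu-west-1" # placeholder
  profile = "tf-user"   # placeholder

  assume_role {
    role_arn = "arn:aws:iam::XXXXXXXXXX:role/tfrole"
  }
}
```

If `terraform init` still reports that the role cannot be assumed, check that the role's trust policy names the principal behind the selected profile and that this principal is allowed to call `sts:AssumeRole` on the role.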