How can I get a TFE workspace to recognize an AWS profile?

I am running some AWC CLI commands to grant permissions using the provisioner local_exec block in a null_resource. The role that is needed to grant these is not the same role that the terraform code is running under.

To make this work in AWC CLI, you need to add a profile in your .aws/config file and attach it to the federated role you are logged in as, then add a “–profile some_name” argument to your CLI command. I have done this, and the command runs fine when I run from a CLI command line. It also runs fine in Terraform when I run locally on my machine using the null_resource, I assume as it is still finding that profile in my AWS config file. However, when I run the Terraform in a TFE workspace, it doesn’t work because it tells me that config profile can not be found.

How do I get that profile into TFE? Or how else can I run that command under a different role? I thought I could just do it as I do when creating tables or other resources using this other role - I just create a separate AWS provider with an alias and put that 'provider = aws.myalias" in the resource block. But a null resource will not allow this.

So how can I get this command to run with a different role in TFE?