I’m trying to set up an AWS auth role in Vault using Terraform (well, really Pulumi, but it amounts to the same underlying code). Setting up the role works fine, but the problem comes when I try to alias it to another Vault Entity. In order to do so, I need access to the role_id of the AWS auth role, but this doesn’t appear to be returned as an output of aws_auth_backend_role. The id output appears to be the path of the auth role (e.g., auth/aws/role/my-role), but that can’t be used to create an entity alias.
Is there some other way to get access to the role_id within the Terraform run? Or is this a legitimate shortcoming in the API?
Thanks.