Remote-exec error with private key

I’m trying to test remote-exec and running into various errors when I specify a private key for the ssh connection. Any help is greatly appreciated!

ERROR 1

when private_key = "${file(var.ssh_key_private)}" is used in pb_rm.tf

│ Error: Invalid function argument
│
│   on pb_rm.tf line 17, in resource "null_resource" "remote-exec-test":
│   17:     private_key = "${file(var.ssh_key_private)}"
│     ├────────────────
│     │ var.ssh_key_private is "~/terra_ansible"
│
│ Invalid value for "path" parameter: no file exists at ~/terra_ansible; this
│ function works only with files that are distributed as part of the
│ configuration source code, so if this file will be created by a resource in
│ this configuration you must instead obtain this result from an attribute of
│ that resource.

the key can be found and read:

user@terraform:~/config_deploy_del_rm_test$ cat ~/terra_ansible
-----BEGIN OPENSSH PRIVATE KEY-----
blah..........==
-----END OPENSSH PRIVATE KEY-----

ERROR 2

when I try a full path private_key = "file(/home/user/terra_ansible) in pb_rm.tf

│ Error: remote-exec provisioner error
│
│   with null_resource.remote-exec-test,
│   on pb_rm.tf line 2, in resource "null_resource" "remote-exec-test":
│    2:   provisioner "remote-exec" {
│
│ Failed to read ssh private key: no key found

the key can be found and read:

user@terraform:~/config_deploy_del_rm_test$ cat /home/user/terra_ansible
-----BEGIN OPENSSH PRIVATE KEY-----
blah.................==
-----END OPENSSH PRIVATE KEY-----

Files

pb_rm.tf

resource "null_resource" "remote-exec-test" {
  provisioner "remote-exec" {
    inline = [
        "ansible-playbook /home/user/config_deploy_del_rm_test/hw.yml",
        #"cd /home/user/config_deploy_del_rm_test",
	      #"ansible-playbook hw.yml",
        "echo Done!",
      ]
  }
    connection {
    type     = "ssh"
    user     = "user"
    #password = "password"
    host     = "192.168.10.202"
    timeout  = "60s"
    #private_key = "file(/home/user/terra_ansible)"
    private_key = "${file(var.ssh_key_private)}"
  }
}

variables.tf

variable "password"{
    type = string
    default = "user"
}
variable "host"{
    type = string
    default = "192.168.10.202"
}

variable "ssh_key_private" {
  #default     = "/home/user/terra_ansible"
  default     = "~/terra_ansible"
}

Key

My key was generated with ssh-keygen -t rsa -b 2048 and given the name terra_ansible with no passphrase

and it was copied to the remote ansible server via ssh-copy-id -i terra_ansible user@192.168.10.202

I can ssh to the remote ansible server using the key with the command below

 ssh -i terra_ansible user@192.168.10.202 ansible-playbook ~/config_deploy_del_rm_test/hw.yml

and the play executes

I found that if I remove the remote backend runs execute. See => remote-exec run errors when private_key = "${file(var.ssh_key_private)}" when you use a remote backend · Issue #29342 · hashicorp/terraform · GitHub