Unable to generate database credentials, Error "role used to generate credentials is not an allowed role"

Hi All,
I am having a kind of deadlock issue.

I am deploying Vault resources using Terraform (Vault provider), where I have two resources:

  1. vault_database_secret_backend_connection
  2. vault_database_secret_backend_role

The first resource is used to establish a backend connection and the second one is used to create a role (like readonly/readwrite) for the same database connection established in resource one.

In resource two I have to pass the db_name argument with the connection name from the resource one attributes.

Here vault_database_secret_backend_connection is created without the allowed_roles argument.

Till now it is fine.

When I generate temporary credentials as shown below, I get an error saying the role I used is not part of the allowed_roles list.

vault read database/creds/my-read-role

Error reading database/creds/my-read-role: Error making API request.

URL: GET https://vault.xyz.com/v1/database/creds/my-read-role

Code: 500. Errors:

* 1 error occurred:

* "my-read-role" is not an allowed role

The role is created as part of the second resource, which is dependent on the 1st resource because of the db_name argument.

Now how can I make the 1st resource dependent on the second resource to get the role names for the allowed_roles argument?

Please guide me here.

As of now I used a workaround for allowed_roles.
Giving normal role names in the vault_database_secret_backend_connection resource (like allowed_roles = ["read", "write"]) and creating the same roles in the vault_database_secret_backend_role resource solved the issue.
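
An added example, not part of the original post: one way to structure the workaround described above so the role names live in a single local value that both resources read, which avoids the dependency cycle while keeping allowed_roles an explicit list. The PostgreSQL plugin, the mount path, the connection name "my-db", the "my-write-role" name and the SQL statements are assumptions made for illustration.

```hcl
# Added example. Assumptions: PostgreSQL plugin, mount path "database",
# connection name "my-db", and the second role name are constructed.
variable "db_connection_url" {
  type      = string
  sensitive = true # full connection string, supplied outside the config
}

locals {
  # Single source of truth for role names; plain values, so no resource cycle.
  db_roles = {
    "my-read-role"  = "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"{{name}}\";"
    "my-write-role" = "GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"{{name}}\";"
  }
}

resource "vault_mount" "db" {
  path = "database"
  type = "database"
}

resource "vault_database_secret_backend_connection" "db" {
  backend = vault_mount.db.path
  name    = "my-db"

  # Explicit list taken from the local, not from the role resources.
  # allowed_roles = ["*"] would also avoid the cycle, but it lets any role
  # created later on this mount use the connection.
  allowed_roles = keys(local.db_roles)

  postgresql {
    connection_url = var.db_connection_url
  }
}

resource "vault_database_secret_backend_role" "role" {
  for_each = local.db_roles

  backend = vault_mount.db.path
  name    = each.key
  db_name = vault_database_secret_backend_connection.db.name # the only dependency edge

  creation_statements = [
    "CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}';",
    each.value,
  ]
  default_ttl = 3600
  max_ttl     = 86400
}
```

Adding or removing a role is then a one-line change to local.db_roles, and allowed_roles stays in step with the roles that actually exist.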