i’m finding that specifying role_arn
here is ignored for the s3 bucket. it’s used for the dynamo lock lookup, but for the s3 bucket init, it doesn’t use the role_arn
defined here https://www.terraform.io/language/settings/backends/s3#assume-role-configuration
and instead uses the local credentials.