Bro, I have 14 years of experience. I have watched lots of videos on Terraform, but I liked your series the most. Keep it up, you will get viewers' attention.
In the dev account you created the role allowing assume role (STS) to the prod account and attached it to EC2, then why is the assume role specified in the Terraform configuration? When terraform plan is run, the EC2 should auto-call STS to get temp creds, and Terraform should be able to use those creds.