context deadline exceeded for creating elasticsearch_opensearch_role

[synfinatic]

error:

elasticsearch_opensearch_role.event-trace: Creating...
╷
│ Error: context deadline exceeded
│
│   with elasticsearch_opensearch_role.event-trace,
│   on kibana.tf line 30, in resource "elasticsearch_opensearch_role" "event-trace":
│   30: resource "elasticsearch_opensearch_role" "event-trace" {

Note the line numbers above don't match the code below...

provider "elasticsearch" {
  url        = "https://${aws_opensearch_domain.fbl_event_trace.endpoint}"
  kibana_url = "https://${aws_opensearch_domain.fbl_event_trace.kibana_endpoint}"

  elasticsearch_version = var.opensearch_version
  username              = local.admin_username
  password              = random_password.terraform_admin.result
  aws_region            = local.region

  sniff             = true
  sign_aws_requests = false
  healthcheck       = true
}

# Create an ES role and map it to the IAM role
resource "elasticsearch_opensearch_role" "event-trace" {
  role_name   = "event_trace"
  description = "Event Trace Container Role"

  index_permissions {
    index_patterns = [
      "events*",
      "transitions*",
      "event-log*",
    ]

    allowed_actions = [
      "data_access",
      "delete",
      "index",
      "get",
      "search",
    ]
  }
}

I should mention this is the first resource I'm trying to create via the elasticsearch provider.

[synfinatic]

I should mention if I change the password to "foobar" in the provider, I get an authentication error, so I know it's not some firewall dropping the connection on the floor.

[synfinatic]

oh, apparently this is because of sniff = true? I'm not sure why that is, but definitely would be great if the error message provided some clue about what is going on.