How to Create an `aws_ssm_association` with Simple Execution in Terraform?

Question

Issue
I am trying to create an SSM Association with Simple Execution in Terraform. However, I am encountering issues:

1. If I set automation_target_parameter_name, the execution changes to Rate Control Execution (which I don’t want).

2. If I omit automation_target_parameter_name, Terraform does not allow me to apply the configuration.

3. When I run the association (code below), the execution succeeds, but the SSM automation is not being triggered as expected.

Questions

1. How can I correctly define an aws_ssm_association to ensure the SSM automation executes as a Simple Execution?

2. Is there a way to configure Terraform to skip automation_target_parameter_name while keeping the automation functional?

3. Are there specific parameters or dependencies I am missing that prevent the automation from being called?

References

• Related issue: HashiCorp Terraform AWS Provider #32471

• Docs: Terraform AWS SSM Association

Current Configuration
SSM Association (Terraform):

#Association
resource "aws_ssm_association" "stop_liq_rds_instance" {
  name             = "Turn_On_State_Machine"
  association_name = "TurnOffRds"

  schedule_expression = "cron(0 00 18 ? * * *)"
  automation_target_parameter_name = "InstanceId"

  parameters = {
    "AutomationAssumeRole" = data.aws_iam_role.ssm-stop-rds-from-stepfunction.arn
  }

  targets {
    key    = "tag:aws:NoOpAutomationTag"
    values = ["AWS-NoOpAutomationTarget-Value"]
  }

SSM Document:

assumeRole: "{{ AutomationAssumeRole }}"
parameters:
  AutomationAssumeRole:
    type: String
    description: (Optional) The ARN of the role that allows Automation to perform the actions on your behalf.
    default: ''
mainSteps:
  - name: StartStateMachine
    action: aws:executeStateMachine
    isEnd: true
    inputs:
      stateMachineArn: ***
      input: '{   "test": "foo" }'