I am running a pipeline, and I have my Datadog role already existing in AWS (created manually). When I run the pipeline, I want only the trust relationship to be modified. I don't want to recreate the role because my pipeline fails when Terraform tries to create it - my ADO only has permissions to update trust relationships in this existing role.
Here's my current Terraform code:
```hcl
data "aws_iam_role" "datadog_role" {
  name = "DatadogRole" # this role already exists in AWS, created manually
}

resource "aws_iam_role" "datadog_aws_integration" {
  name               = data.aws_iam_role.datadog_role.name
  description        = "Role for Datadog AWS Integration"
  assume_role_policy = data.aws_iam_policy_document.datadog_aws_integration_assume_role.json
}
```
I want to only update the trust relationship and not create the role, since the role already exists in AWS. My ADO doesn't have permissions to create roles, only to edit trust relationships.
How can I modify just the trust relationship of an existing role using Terraform?