1 Answer
- Newest
- Most votes
- Most comments
0
Hi Wendy,
Are you able to attach a custom policy to the Lab role as described here? https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-managingrole-editing-console.html (Modifying a role permissions policy (console)).
Then you can select step function start execution and associate it with a resource arn.
Hope it helps ;)
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 9 months ago
I tried this before, but I can't attach role policy. The error was: Errors attaching policies to the role. Policy AWSStepFunctionsConsoleFullAccess not added. User: arn:aws:sts::051823271855:assumed-role/voclabs/user**** is not authorized to perform: iam:AttachRolePolicy on resource: role LabRole because no identity-based policy allows the iam:AttachRolePolicy action
Thank you so much for your help!
Strange. I d try to add iam:AttachRolePolicy to your user. Most likely will fail because the lab is maybe too restrictive. Do you have an option to restart the lab (destroy and redo)?
I can restart the lab but it didn't help. I found the LabRole of my TA is the same as mine. Do you have any suggestions about connect S3 with step function? I tried EventBridge before, but it also didn't work because of the LabRole.
But did you manage to execute the step function from lambda?
Is the s3 question related to this problem or is another one. You would need to elaborate it a bit either here or in a new question depending on it
Yes, I used stepFunction.start_execution( stateMachineArn='arn:aws:states:XXXXXXXXXXXXXXXX:stateMachine:my-state-machine',...) from my lambda.