Not authorized to assume the provided role

Question

I am following the AWS Step Functions tutorial. The whole state machine process is like this.

I have a role called step_functions_basic_execution with policy AWSLambdaRole. My Step function state machine is using this role.

My step function is

{
  "Comment": "A simple AWS Step Functions state machine that automates a call center support session.",
  "StartAt": "Open Case",
  "States": {
    "Open Case": {
      "Type": "Task",
      "Resource": "arn:aws:lambda:us-west-2:829495130000:function:OpenCaseFunction",
      "Next": "Assign Case"
    }, 
    ...
}

The corresponding Open Case Lambda function is

exports.handler = (event, context, callback) => {
    // Create a support case using the input as the case ID, then return a confirmation message   
   var myCaseID = event.inputCaseID;
   var myMessage = "Case " + myCaseID + ": opened...";   
   var result = {Case: myCaseID, Message: myMessage};
   callback(null, result);    
};

When I tried to run it, it failed at first step Open Case.

The input is

{
  "inputCaseID": "001"
}

It throws error:

States.TaskFailed

Neither the global service principal states.amazonaws.com, nor the regional one is authorized to assume the provided role.

Any idea how to fix it? Thanks

Answer 1

Thanks Joel Kinzel's guide. It was my mistake.

I did wrong at Step 2c.

On the Create Roles screen, leave AWS Service selected, select Step Functions

I chose Lambda instead of Step Functions, even next page is I still added AWSLambdaRole, but it does not help and cause the issue.