AWS StepFunction - Failed to update state machine

Question

I had a working StepFunction state machine with 4 steps triggering 4 Lambdas.

Since one of the steps is going to be a longer running task, I decided to turn one of the Lambdas into a Fargate task.

After configuring ECS and Fargate task, I tried updating my state machine definition, but got the error: Failed to update state machine. without any additional messages.

My state machine definition seems to be valid, here it is, just without actual ARNs:

{
  "Comment": "My Workflow",
  "StartAt": "Step1",
  "States": {
    "Step1": {
      "Type": "Task",
      "Resource": "copy-pasted-arn-of-lambda",
      "Next": "Step2"
    },
    "Step2": {
      "Type": "Task",
      "Resource": "arn:aws:states:::ecs:runTask.sync",
      "Parameters": {
        "LaunchType": "FARGATE",
        "Cluster": "copy-pasted-arn-of-cluster",
        "TaskDefinition": "copy-paster-arn-of-task-definition",
        "Overrides": {
          "ContainerOverrides": [
            {
              "Name": "container-name",
              "Command.$": "$.commands"
            }
          ]
        }
      },
      "Next": "Step3",
      "Catch": [
        {
          "ErrorEquals": [
            "States.ALL"
          ],
          "Next": "Step4"
        }
      ]
    },
    "Step3": {
      "Type": "Task",
      "Resource": "copy-pasted-arn-of-lambda",
      "Next": "Step4"
    },
    "Step4": {
      "Type": "Task",
      "Resource": "copy-pasted-arn-of-lambda",
      "End": true
    }
  }
}

This is the screenshot of the error:

Any ideas? I've been banging my head on this one for a while.

Answer 1

As it is always with AWS, it's permissions.

I forgot to allow my StepFunction access to events, which is needed:

"Action": [
  "events:PutTargets",
  "events:PutRule",
  "events:DescribeRule"
],

https://docs.aws.amazon.com/step-functions/latest/dg/ecs-iam.html

However, I'd really appreciate a more verbose error message!