If you have ever received the error "is not authorized to create managed-rule" when running a Step Function through Terraform's AWS Provider, then you may have jumped through many different hoops trying to figure out what was wrong.
What is the Quick Fix?
Go to IAM and attach the CloudWatchEventsFullAccess AWS managed policy to the permissions policies.
Need More Information?
IAM Role Principal Policy required to AssumeRole
IAM Role Policy GetEvents For StepFunctions Execution Rule
IAM Role Policy under StepFunctions CloudFormation
If you need to limit it to a resource, then StepFunctionsGetEventsForStepFunctionsExecutionRule is the one you're looking for!
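A least-privilege alternative to the full-access managed policy, written in Terraform as an added example (not code from the original post). It assumes the role is the state machine's execution role; the resource names and the role name are hypothetical, and the three `events:` actions are the ones AWS documents for Step Functions creating this managed rule.

```hcl
# Added example: "sfn_exec", "example-sfn-role" and "sfn-managed-rule" are hypothetical names.
data "aws_partition" "current" {}
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}

# Trust policy: lets the Step Functions service assume the role.
data "aws_iam_policy_document" "sfn_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["states.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "sfn_exec" {
  name               = "example-sfn-role"
  assume_role_policy = data.aws_iam_policy_document.sfn_assume.json
}

locals {
  # ARN of the single managed rule Step Functions needs to create and read.
  sfn_managed_rule_arn = join(":", [
    "arn",
    data.aws_partition.current.partition,
    "events",
    data.aws_region.current.name,
    data.aws_caller_identity.current.account_id,
    "rule/StepFunctionsGetEventsForStepFunctionsExecutionRule",
  ])
}

# Permissions policy: only the rule operations, only on that one rule,
# instead of everything CloudWatchEventsFullAccess grants.
data "aws_iam_policy_document" "sfn_events" {
  statement {
    sid       = "ManagedRuleForStepFunctionsExecution"
    actions   = ["events:PutTargets", "events:PutRule", "events:DescribeRule"]
    resources = [local.sfn_managed_rule_arn]
  }
}

resource "aws_iam_role_policy" "sfn_events" {
  name   = "sfn-managed-rule"
  role   = aws_iam_role.sfn_exec.id
  policy = data.aws_iam_policy_document.sfn_events.json
}
```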