What is the AWS Service Principal value for stepfunction?

Question

I'm writing the terraform for creating an IAM role for AWS StepFunctions. What should be the value for Principal in assume_role_policy

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "stepfunctions.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}

I'm getting the error

Error: Error creating IAM Role my_utility_sfn: MalformedPolicyDocument: Invalid principal in policy: "SERVICE":"stepfunctions.amazonaws.com"

GreenyMcDuff · Accepted Answer · 2022-05-12T09:32:37.747

21

The AWS documentation for service endpoints should hold the answer.

Looks like it is states.<region>.amazonaws.com

edited May 12 '22 at 09:32

answered Nov 08 '19 at 08:09

GreenyMcDuff

3,292
7
34
66

score 1 · Answer 2 · answered Sep 10 '21 at 10:22

1

The principal is states.<region>.amazonaws.com :

https://docs.aws.amazon.com/step-functions/latest/dg/tutorial-lambda-state-machine-cloudformation.html#lambda-state-machine-cfn-create-role

answered Sep 10 '21 at 10:22

gileri

662
8
16

score 0 · Answer 3 · answered Oct 18 '22 at 19:14

0

In short, the correct Service Principal for AWS Step Functions is:

states.amazonaws.com

answered Oct 18 '22 at 19:14

Heder Dyego

60
1
5

1

Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Oct 21 '22 at 11:06

What is the AWS Service Principal value for stepfunction?

3 Answers3