The warning we see as soon as we update our state machine definition is correct. We will need to update our IAM role permissions for the state machine to work. But anyway let’s try another execution to see what the insufficient permission error will look like.
{
"application": {
"name": "Spock",
"address": "123 Enterprise Street"
}
}
After a while, you will see the result of this failed execution. The “Execution status” displays “Failed” and you’ll see a red alert in the state machine process representation below, highlighting the failed status.
When the state machine executes, it assumes the IAM role to determine what types of actions it is allowed to perform within the AWS environment. Currently, we haven’t added any explicit permissions to allow this Role to call our Lambda function Data Checking, so we get an error when this state machine tries to run.
We will work around this by adding the appropriate permissions to the Role that our Step Functions assume during execution in the next step.