TypeError when invoking nested step function by in stack reference

[DaveLo]

This is a Bug report (or question?)

Description

For bug reports:

• What went wrong? Trying to invoke a child machine from parent by a ref to logical id. I set the logical id using the id property as described in the docs.
• What did you expect should have happened? It should deploy
• What was the config you used? I've added a boilerplate example that has the same error to make reproduction as easy as possible

serverless.yml

```yaml service: sfn-test-case frameworkVersion: '2' provider: name: aws runtime: nodejs12.x lambdaHashingVersion: 20201221 region: us-east-1 stage: dev eventBridge: useCloudFormation: true package: individually: true patterns: - "!*.json" - "!*.md" stepFunctions: stateMachines: goodbye: type: STANDARD name: someMachineName-dev id: goodbyeMachine definition: StartAt: ending States: ending: Type: Pass End: true hello: type: STANDARD definition: StartAt: invokeChild States: invokeChild: Type: Task End: true Resource: arn:aws:states:::states:startExecution StateMachineArn: Ref: goodbyeMachine plugins: - serverless-step-functions ```

• What stacktrace or error message from your provider did you see?

StackTrace

```shell TypeError: Cannot read property 'StateMachineArn.$' of undefined at getStepFunctionsPermissions (/Users/**/**/sfn-test-case/node_modules/serverless-step-functions/lib/deploy/stepFunctions/compileIamRole.js:268:43) at /Users/**/**/sfn-test-case/node_modules/serverless-step-functions/lib/deploy/stepFunctions/compileIamRole.js:441:16 at arrayMap (/Users/**/**/sfn-test-case/node_modules/lodash/lodash.js:653:23) at map (/Users/**/**/sfn-test-case/node_modules/lodash/lodash.js:9622:14) at Function.flatMap (/Users/**/**/sfn-test-case/node_modules/lodash/lodash.js:9325:26) at ServerlessStepFunctions.getIamPermissions (/Users/**/**/sfn-test-case/node_modules/serverless-step-functions/lib/deploy/stepFunctions/compileIamRole.js:401:12) at /Users/**/**/sfn-test-case/node_modules/serverless-step-functions/lib/deploy/stepFunctions/compileIamRole.js:504:56 at Array.forEach () at ServerlessStepFunctions.compileIamRole (/Users/**/**/sfn-test-case/node_modules/serverless-step-functions/lib/deploy/stepFunctions/compileIamRole.js:493:32) at ServerlessStepFunctions.tryCatcher (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/util.js:16:23) at Promise._settlePromiseFromHandler (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/promise.js:547:31) at Promise._settlePromise (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/promise.js:604:18) at Promise._settlePromiseCtx (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/promise.js:641:10) at _drainQueueStep (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/async.js:97:12) at _drainQueue (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/async.js:86:9) at Async._drainQueues (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/async.js:102:5) at Immediate.Async.drainQueues [as _onImmediate] (/Users/**/**/sfn-test-case/node_modules/bluebird/js/release/async.js:15:14) at processImmediate (node:internal/timers:464:21) ```

Additional Data

• Serverless Framework Core Version you're using:

  Operating System:          darwin
   Node Version:              16.4.0
   Framework Version:         2.66.0 (local)
   Plugin Version:            5.5.1
   SDK Version:               4.3.0
   Components Version:        3.17.2

• The Plugin Version you're using: 3.2.0

[TimDN]

Just adding my two cents as i've also been trying to get this working. Based on this page should not StateMachineArn be specified in a Parameters object ? https://docs.aws.amazon.com/step-functions/latest/dg/sample-start-workflow.html

This is what i've been using to try to get this working.

serverless.yml

```yml stepFunctions: validate: true stateMachines: testMachine: name: testMachine id: TestMachine definition: StartAt: Test States: Test: Type: Pass End: true testNested: name: nestedTest definition: StartAt: Test States: Test: Type: Task Resource: arn:aws:states:::states:startExecution.sync:2 Parameters: StatMachineArn: Fn::GetAtt: [TestMachine, Arn] End: True ```

However using that format results in another error where the referenced state machine resource is set to null in the generated role. Leading to the error The CloudFormation template is invalid: [/Resources/NestedTestRole/Type/Policies/0/PolicyDocument/Statement/0/Resource/0] 'null' values are not allowed in templates I've tried some different ways to reference the state machine but even when using a hardcoded ARN results in the same error.

This is the generated role

cloudformation-template-update-stack.json

```yml { "NestedTestRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": { "Fn::Sub": "states.${AWS::Region}.amazonaws.com" } }, "Action": "sts:AssumeRole" } ] }, "Policies": [ { "PolicyName": "REMOVED THIS", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "states:StartExecution" ], "Resource": [ null ] }, { "Effect": "Allow", "Action": [ "states:DescribeExecution", "states:StopExecution" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "events:PutTargets", "events:PutRule", "events:DescribeRule" ], "Resource": [ { "Fn::Sub": [ "arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:rule/StepFunctionsGetEventsForStepFunctionsExecutionRule", {} ] } ] } ] } } ] } } } ```