Generated IAM role does not include all the necessary permissions.
What did you expect should have happened?
Given that one of the steps is a call to the SES v2 api, I would expect the generated steps execution role to have the permission to invoke this AWS endpoint.
What was the config you used?
here is a snippet of my serverless.yml file:
This is a Bug Report
Description
For bug reports:
Generated IAM role does not include all the necessary permissions.
What did you expect should have happened? Given that one of the steps is a call to the SES v2 api, I would expect the generated steps execution role to have the permission to invoke this AWS endpoint.
What was the config you used? here is a snippet of my serverless.yml file:
What stacktrace or error message from your provider did you see? when deploying the template, this was printed inthe console:
Deploying mydata to stage tst (eu-west-1) Cannot generate IAM policy statement for Task state { Type: 'Task', End: true, Parameters: { Content: { Simple: { Body: { Text: [Object] }, Subject: { Charset: 'UTF-8', Data: ' the subject' } } }, Destination: { ToAddresses: [ 'my@mail.address' ] }, FromEmailAddress: 'my@mail.address' }, Resource: 'arn:aws:states:::aws-sdk:sesv2:sendEmail' } ✓ State machine "SendEmails" definition is valid
✔ Service deployed to stack mydata-tst (98s)