Thursday, November 30, 2023
HomeSoftware EngineeringHow you can Repair “isn't approved to create managed-rule” in AWS Step...

How you can Repair “isn’t approved to create managed-rule” in AWS Step Capabilities

You probably have ever obtained the next error isn't approved to create managed-rule when working a Step Operate via Terraform’s AWS Supplier, then you will have jumped via many alternative hoops attempting to determine what was incorrect.

What’s the Fast Repair?

Open the position in IAM and connect the CloudWatchEventsFullAccess AWS managed coverage to the permissions insurance policies.

Want Extra Info?

IAM Function Principal Coverage required to AssumeRole

    "Model" : "2012-10-17",
    "Assertion" : [
        "Effect" : "Allow",
        "Principal" : {
            "Service" : ""
        "Action" : "sts:AssumeRole"

IAM Function Coverage GetEvents For StepFunctions Execution Rule

    "Impact": "Enable",
    "Motion": [
    "Useful resource": [

IAM Function Coverage underneath StepFunctions CloudFormation

- Impact: Enable
  - occasions:PutTargets
  - occasions:PutRule
  - occasions:DescribeRule
  Useful resource: 
  - !Sub arn:${AWS::Partition}:occasions:${AWS::Area}:${AWS::AccountId}:rule/StepFunctionsGetEventsForStepFunctionsExecutionRule

If you have to restrict it to a useful resource, then StepFunctionsGetEventsForStepFunctionsExecutionRule is the one you’re on the lookout for!



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments