From 6093ae9347d108a07833dab78d00fb7be61c8573 Mon Sep 17 00:00:00 2001
From: Joel Balcaen <jobalcaen+github@gmail.com>
Date: Fri, 19 Apr 2024 21:52:34 -0300
Subject: [PATCH] allow invoke lambda

---
 .../email_form_fill/state_machine.tf          | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/state_machines/email_form_fill/state_machine.tf b/state_machines/email_form_fill/state_machine.tf
index ea7b383..7f83ed4 100644
--- a/state_machines/email_form_fill/state_machine.tf
+++ b/state_machines/email_form_fill/state_machine.tf
@@ -45,6 +45,28 @@ resource "aws_iam_role_policy" "sfn_lambda_s3_access" {
   EOF
 }
 
+resource "aws_iam_role_policy" "sfn_lambda_invoke_access" {
+  name = "sfn_lambda_invoke_access"
+  role = aws_iam_role.iam_for_sfn.id
+
+  policy = <<EOF
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Action": [
+                    "lambda:InvokeFunction"
+                ],
+                "Resource": [
+                    "arn:aws:lambda:*:*:function:*"
+                ]
+            }
+        ]
+    }
+  EOF
+}
+
 
 resource "aws_sfn_state_machine" "sfn_state_machine" {
   name     = "my-state-machine"