Not authorized to assume the provided role

I am following the AWS Step Functions tutorial. The whole state machine process is like this.

enter image description here

I have a role called step_functions_basic_execution with policy AWSLambdaRole. My Step function state machine is using this role.

My step function is

{
  "Comment": "A simple AWS Step Functions state machine that automates a call center support session.",
  "StartAt": "Open Case",
  "States": {
    "Open Case": {
      "Type": "Task",
      "Resource": "arn:aws:lambda:us-west-2:829495130000:function:OpenCaseFunction",
      "Next": "Assign Case"
    }, 
    ...
}

The corresponding Open Case Lambda function is

exports.handler = (event, context, callback) => {
    // Create a support case using the input as the case ID, then return a confirmation message   
   var myCaseID = event.inputCaseID;
   var myMessage = "Case " + myCaseID + ": opened...";   
   var result = {Case: myCaseID, Message: myMessage};
   callback(null, result);    
};

When I tried to run it, it failed at first step Open Case.

The input is

{
  "inputCaseID": "001"
}

It throws error:

States.TaskFailed

Neither the global service principal states.amazonaws.com, nor the regional one is authorized to assume the provided role.

Any idea how to fix it? Thanks

Answer

Thanks Joel Kinzel’s guide. It was my mistake.

I did wrong at Step 2c.

On the Create Roles screen, leave AWS Service selected, select Step Functions

I chose Lambda instead of Step Functions, even next page is I still added AWSLambdaRole, but it does not help and cause the issue.