module "sfn" {
  source  = "terraform-aws-modules/step-functions/aws"
  version = "5.1.0"

  name              = "example"
  type              = "standard"
  definition        = file("${path.module}/reboot-asg-instances.json")
  publish           = true
  role_arn          = module.sfn-role.role-arn
  use_existing_role = true
}

module "sfn-role" {
  source         = "../../../modules/security_identity_compliance/iam-role-v2"
  role-name      = "example-sfn-role"
  path           = "/Sfn/"
  description    = "Role for example step function"
  trusted-entity = "states.amazonaws.com"
  policies = {
    example-sfn-policy = {
      description = "XrayAccess"
      policy = jsonencode(
        {
          "Version" : "2012-10-17",
          "Statement" : [
            {
              "Effect" : "Allow",
              "Action" : [
                "xray:PutTraceSegments",
                "xray:PutTelemetryRecords",
                "xray:GetSamplingRules",
                "xray:GetSamplingTargets"
              ],
              "Resource" : [
                "*"
              ]
            }
          ]
        }
      )
    }
  }
}