Add missing PassRole permission for Scheduler tasks #606

@jormaechea

This is a Bug Report

Description

For bug reports:

  • What went wrong?
  • What did you expect should have happened?
    • The Schedule should have been created with the associated IAM Role
  • What was the config you used?
{
  "Type": "Task",
  "Resource": "arn:aws:states:::aws-sdk:scheduler:createSchedule",
  "Parameters": {
    "ActionAfterCompletion": "DELETE",
    "FlexibleTimeWindow": {
      "Mode": "FLEXIBLE",
      "MaximumWindowInMinutes": 5
    },
    "Name.$": "$$.Execution.Name",
    "GroupName": "default",
    "ScheduleExpression": "at(2024-03-06T00:00:00)",
    "Target": {
      "Arn": "arn:aws:states:${aws:region}:${aws:accountId}:AnotherMachine",
      "RoleArn": "arn:aws:iam::${aws:accountId}:role/MySchedulerRole",
      "Input": {
        "foo": "bar"
      }
    }
  },
  "End": true
}
  • What stacktrace or error message from your provider did you see?
    • User: xxx is not authorized to perform: iam:PassRole on resource: yyy because no identity-based policy allows the iam:PassRole action

Similar or dependent issues:
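
An added example, not part of the original report and not the project's own code: one way to derive a narrowly scoped iam:PassRole statement for the state machine's execution role from the definition itself, so the fix does not need a wildcard resource. The sample definition, account id, region and the helper names (iter_states, pass_role_statement) are constructed for illustration, and covering updateSchedule alongside the createSchedule call from the report is a generalisation.

```python
# Added example. DEFINITION is a constructed sample modelled on the state in
# the report; account id and region are placeholders.
DEFINITION = {"StartAt": "CreateSchedule", "States": {"CreateSchedule": {
    "Type": "Task",
    "Resource": "arn:aws:states:::aws-sdk:scheduler:createSchedule",
    "Parameters": {"Target": {
        "Arn": "arn:aws:states:us-east-1:111122223333:AnotherMachine",
        "RoleArn": "arn:aws:iam::111122223333:role/MySchedulerRole"}},
    "End": True}}}

SCHEDULER_PREFIX = "arn:aws:states:::aws-sdk:scheduler:"
PASSING_ACTIONS = {"createSchedule", "updateSchedule"}  # calls that hand a role to Scheduler

def iter_states(definition):
    """Yield (name, state) for every state, including Parallel and Map children."""
    for name, state in definition.get("States", {}).items():
        yield name, state
        for branch in state.get("Branches", []):
            yield from iter_states(branch)
        for key in ("Iterator", "ItemProcessor"):
            if key in state:
                yield from iter_states(state[key])

def pass_role_statement(definition):
    """Return (statement or None, names of states whose role is only known at run time)."""
    roles, dynamic = set(), []
    for name, state in iter_states(definition):
        resource = state.get("Resource", "")
        if not (isinstance(resource, str) and resource.startswith(SCHEDULER_PREFIX)):
            continue
        if resource[len(SCHEDULER_PREFIX):] not in PASSING_ACTIONS:
            continue
        target = state.get("Parameters", {}).get("Target", {})
        if "RoleArn" in target:
            roles.add(target["RoleArn"])
        elif "RoleArn.$" in target:
            dynamic.append(name)  # JSONPath value: scope this one by hand
    if not roles:
        return None, dynamic
    statement = {
        "Effect": "Allow",
        "Action": "iam:PassRole",
        "Resource": sorted(roles),  # only the roles named in the definition
        # The role may be handed to EventBridge Scheduler and to nothing else.
        "Condition": {"StringEquals": {"iam:PassedToService": "scheduler.amazonaws.com"}},
    }
    return statement, dynamic
```

States listed in the second return value take their role from execution input, so no static ARN can be generated for them and the permitted roles have to be chosen explicitly.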
